Lucene search
+L

386 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-29174

Malicious code in bioql PyPI...

6.5CVSS8.8AI score0.00498EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-34630

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00385EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-44013

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00324EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32453

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00423EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-22194

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16172

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00746EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-38136

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.14 views

CVE-2025-49036

CVE-2025-49036 is a Local File Inclusion vulnerability in WordPress Premium Addons for KingComposer (versions up to 1.1.1). The issue arises from improper control of filename handling for include/require statements in PHP, enabling an attacker to potentially include local files. No exploit vector...

8.1CVSS5.9AI score0.00434EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.1 views

CVE-2025-49036 WordPress Premium Addons for KingComposer Plugin <= 1.1.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in octagonwebstudio Premium Addons for KingComposer premium-addons-for-kingcomposer allows PHP Local File Inclusion.This issue affects Premium Addons for KingComposer: from n/a...

8.1CVSS5.3AI score0.00434EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.5 views

PT-2025-33176 · WordPress · Octagonwebstudio Premium Addons For Kingcomposer

Name of the Vulnerable Software and Affected Versions: octagonwebstudio Premium Addons for KingComposer versions through 1.1.1 Description: A flaw exists in the file handling mechanism within octagonwebstudio Premium Addons for KingComposer, allowing for PHP Local File Inclusion. This issue stems...

8.1CVSS6.4AI score0.00434EPSS
Exploits0References3
OSV
OSV
added 2025/07/04 8:15 a.m.5 views

CVE-2024-11937

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/04 7:22 a.m.2 views

CVE-2024-11937 Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

6.4CVSS5.7AI score0.00165EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.7 views

PT-2025-27862 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.69 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the linkURL of the Mobile Menu...

6.4CVSS6.5AI score0.00165EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.4 views

WordPress plugin Premium Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.8AI score0.00165EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/12 12:21 p.m.10 views

CVE-2025-4774

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 12:15 p.m.5 views

CVE-2025-4774

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

5.4CVSS5.9AI score0.00218EPSS
Exploits0References2
NVD
NVD
added 2025/06/10 12:15 p.m.22 views

CVE-2025-4774

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00218EPSS
Exploits0References2
CVE
CVE
added 2025/06/10 11:22 a.m.67 views

CVE-2025-4774

The CVE-2025-4774 entry concerns the Premium Addons for Elementor WordPress plugin. A Stored Cross-Site Scripting (XSS) flaw exists in the Countdown widget via the data-countdown attribute due to insufficient input sanitization and output escaping. The vulnerability is present in all versions up ...

6.4CVSS6AI score0.00218EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/10 11:22 a.m.23 views

CVE-2025-4774 Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00218EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.2 views

WordPress plugin Premium Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS6AI score0.00218EPSS
Exploits0References3
Rows per page
Query Builder