386 matches found
EUVD-2024-29174
Malicious code in bioql PyPI...
EUVD-2021-34630
Malicious code in bioql PyPI...
EUVD-2024-44013
Malicious code in bioql PyPI...
EUVD-2024-32453
Malicious code in bioql PyPI...
EUVD-2024-22194
Malicious code in bioql PyPI...
EUVD-2024-16172
Malicious code in bioql PyPI...
EUVD-2023-38136
Malicious code in bioql PyPI...
CVE-2025-49036
CVE-2025-49036 is a Local File Inclusion vulnerability in WordPress Premium Addons for KingComposer (versions up to 1.1.1). The issue arises from improper control of filename handling for include/require statements in PHP, enabling an attacker to potentially include local files. No exploit vector...
CVE-2025-49036 WordPress Premium Addons for KingComposer Plugin <= 1.1.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in octagonwebstudio Premium Addons for KingComposer premium-addons-for-kingcomposer allows PHP Local File Inclusion.This issue affects Premium Addons for KingComposer: from n/a...
PT-2025-33176 · WordPress · Octagonwebstudio Premium Addons For Kingcomposer
Name of the Vulnerable Software and Affected Versions: octagonwebstudio Premium Addons for KingComposer versions through 1.1.1 Description: A flaw exists in the file handling mechanism within octagonwebstudio Premium Addons for KingComposer, allowing for PHP Local File Inclusion. This issue stems...
CVE-2024-11937
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2024-11937 Premium Addons for Elementor <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's linkURL in the Mobile Menu element in all versions up to, and including, 4.10.69 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
PT-2025-27862 · WordPress · Premium Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.69 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the linkURL of the Mobile Menu...
WordPress plugin Premium Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2025-4774
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-4774
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-4774
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-4774
The CVE-2025-4774 entry concerns the Premium Addons for Elementor WordPress plugin. A Stored Cross-Site Scripting (XSS) flaw exists in the Countdown widget via the data-countdown attribute due to insufficient input sanitization and output escaping. The vulnerability is present in all versions up ...
CVE-2025-4774 Premium Addons for Elementor <= 4.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, and including, 4.11.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress plugin Premium Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...