CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

124 matches found

NVD•added 2026/04/08 5:16 a.m.•1 views

CVE-2026-4341

The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'followustext' setting of the Mount widget in all versions up to, and including, 4.1.10. This is due to insufficient input sanitization and output escaping. Specifically, the...

6.4CVSS0.00015EPSS

Exploits0References6

Cvelist•added 2026/04/08 3:36 a.m.•17 views

CVE-2026-4341 Prime Slider <= 4.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'follow_us_text' Parameter

6.4CVSS0.00015EPSS

Exploits0References6

Vulnrichment•added 2026/04/08 3:36 a.m.•1 views

CVE-2026-4341 Prime Slider <= 4.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'follow_us_text' Parameter

6.4CVSS6.1AI score0.00015EPSS

Exploits0References6

CVE•added 2026/04/08 3:36 a.m.•4 views

CVE-2026-4341

CVE-2026-4341 covers a Stored Cross-Site Scripting vulnerability in the Prime Slider – Addons for Elementor plugin for WordPress (versions up to and including 4.1.10). The root cause is insufficient input sanitization and output escaping in the Mount widget’s render_social_link() function, which ...

6.4CVSS6.1AI score0.00015EPSS

Exploits0References6

CNNVD•added 2026/04/08 12:0 a.m.•2 views

WordPress plugin Prime Slider – Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to th...

6.4CVSS5.6AI score0.00015EPSS

Exploits0References6

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31081

Name of the Vulnerable Software and Affected Versions Prime Slider – Addons for Elementor plugin for WordPress versions up to and including 4.1.10 Description The Prime Slider – Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient...

6.4CVSS5.9AI score0.00015EPSS

Exploits0References10

Patchstack•added 2026/04/07 11:11 p.m.•4 views

WordPress Prime Slider plugin <= 4.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'follow_us_text' Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'followustext' Parameter vulnerability discovered by WordFence in WordPress Plugin Prime Slider – Addons For Elementor versions = 4.1.10...

6.4CVSS5.9AI score0.00015EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/02/02 9:15 a.m.•4 views

WordPress Prime Slider - Addons For Elementor plugin <= 3.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pagepiling Widget vulnerability

WordPress Prime Slider - Addons For Elementor plugin = 3.14.1 - Authenticated Contributor+ Stored Cross-Site Scripting via Pagepiling Widget vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.14.1...

6.4CVSS5.3AI score0.00201EPSS

Exploits0References1Affected Software1

CNVD•added 2025/12/30 12:0 a.m.•2 views

WordPress Prime Slider - Addons For Elementor plugin server-side request forgery vulnerability

WordPress Prime Slider - Addons For Elementor plugin is a free plugin for Elementor page builder designed to help users easily create various interactive responsive sliders. The WordPress Prime Slider - Addons For Elementor plugin suffers from a server-side request forgery vulnerability, which...

9.1CVSS6.9AI score0.00009EPSS

Exploits0References1

RedhatCVE•added 2025/12/25 1:23 p.m.•2 views

CVE-2025-68500

Server-Side Request Forgery SSRF vulnerability in bdthemes Prime Slider – Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery.This issue affects Prime Slider – Addons For Elementor: from n/a through = 4.0.10...

4.9CVSS7AI score0.00009EPSS

Exploits0References1

EUVD•added 2025/12/24 3:30 p.m.•2 views

EUVD-2025-205209

9.1CVSS6.5AI score0.00009EPSS

Exploits0References2

NVD•added 2025/12/24 1:16 p.m.•1 views

CVE-2025-68500

4.9CVSS0.00009EPSS

Exploits0References1

Cvelist•added 2025/12/24 12:31 p.m.•24 views

CVE-2025-68500 WordPress Prime Slider – Addons For Elementor plugin <= 4.0.10 - Server Side Request Forgery (SSRF) vulnerability

4.9CVSS0.00009EPSS

Exploits0References1

Vulnrichment•added 2025/12/24 12:31 p.m.•2 views

CVE-2025-68500 WordPress Prime Slider – Addons For Elementor plugin <= 4.0.10 - Server Side Request Forgery (SSRF) vulnerability

4.9CVSS6.6AI score0.00009EPSS

Exploits0References1

CVE•added 2025/12/24 12:31 p.m.•6 views

CVE-2025-68500

The CVE-2025-68500 entry describes a Server-Side Request Forgery (SSRF) in the WordPress plugin Prime Slider – Addons For Elementor (bdthemes-prime-slider-lite). Affected component: bdthemes Prime Slider – Addons For Elementor, via the lite variant; vulnerable version range: up to and including 4...

4.9CVSS6.6AI score0.00009EPSS

Exploits0References1

CNNVD•added 2025/12/24 12:0 a.m.•2 views

WordPress plugin Prime Slider – Addons For Elementor 安全漏洞

4.9CVSS6.8AI score0.00009EPSS

Exploits0References1

Positive Technologies•added 2025/12/24 12:0 a.m.•1 views

PT-2025-53078

Name of the Vulnerable Software and Affected Versions bdthemes Prime Slider – Addons For Elementor versions through 4.0.10 Description A Server-Side Request Forgery SSRF issue exists in bdthemes Prime Slider – Addons For Elementor. This allows for Server Side Request Forgery. The issue is present...

9.1CVSS6.6AI score0.00009EPSS

Exploits0References4

RedhatCVE•added 2025/12/19 1:9 p.m.•1 views

CVE-2025-14277

The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the importelementortemplate AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make we...

4.3CVSS5.8AI score0.00034EPSS

Exploits0References1

Patchstack•added 2025/12/18 9:44 p.m.•3 views

WordPress Prime Slider – Addons for Elementor plugin <= 4.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability

Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Deadbee - NA in WordPress Plugin Prime Slider – Addons For Elementor versions = 4.0.9...

4.3CVSS6.8AI score0.00034EPSS

Exploits0References1Affected Software1

NVD•added 2025/12/18 1:15 p.m.•2 views

CVE-2025-14277

4.3CVSS0.00034EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by