WordPress Stratum plugin <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Google Maps and Image Hotspot Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Advanced Google Maps and Image Hotspot Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Stratum versions = 1.6.0...

CVE-2025-69013 WordPress Stratum plugin <= 1.6.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in jetmonsters Stratum stratum allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stratum: from n/a through = 1.6.1...

CVE-2025-69013

Technical details about CVE-2025-69013 are not provided in the supplied documents. No information on affected product/version, root cause, impact, or fixes is available here. Monitor for updates or official advisories for specifics.

WordPress Stratum plugin <= 1.6.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Stratum versions = 1.6.1...

WordPress Stratum plugin cross-site scripting vulnerability

WordPress Stratum plugin is a third-party extension plugin that is mainly used to enhance page building functionality. It offers 20+ free business-oriented extension components that support automatic adaptation of the current theme's visual style while keeping the site running efficiently...

CVE-2025-7845 Stratum – Elementor Widgets <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Google Maps and Image Hotspot Widgets

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps and Image Hotspot widgets in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...

WordPress plugin Stratum 跨站脚本漏洞

WordPress Stratum plugin is a third-party extension plugin that is mainly used to enhance page building functionality. It offers 20+ free business-oriented extension components that support automatic adaptation of the current theme's visual style while keeping the site running efficiently...

WordPress Stratum plugin <= 1.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting Vulnerability via Image Hotspot Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting Vulnerability via Image Hotspot Widget vulnerability discovered by zer0gh0st in WordPress Plugin Stratum versions = 1.4.7...

PT-2025-2233 · WordPress · Stratum – Elementor Widgets

Name of the Vulnerable Software and Affected Versions: Stratum – Elementor Widgets plugin for WordPress versions up to, and including, 1.4.7 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the Image Hotspot widget, allowing...

CVE-2024-10316

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.4 in includes/templates/content-switcher.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract...

WordPress plugin Stratum 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress Stratum Plugin <= 1.4.4 is vulnerable to Sensitive Data Exposure

Software Stratum Type Plugin Vulnerable versions = 1.4.4 Fixed in 1.4.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10316 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID eaf2b73a0382 Credits Ankit Patel Required privilege...

CVE-2024-5611

The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress Plugin Stratum 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Stratum Plugin <= 1.3.15 is vulnerable to Cross Site Scripting (XSS)

Software Stratum Type Plugin Vulnerable versions = 1.3.15 Fixed in 1.3.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3d8d138923e6 Credits Khalid Yusuf Required privilege Contributor...