Lucene search
+L

97 matches found

Cvelist
Cvelist
added 2024/07/02 7:40 a.m.30 views

CVE-2024-37479 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Contributor+ Local File Inclusion vulnerability

Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progresstype" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.8.1...

8.5CVSS0.00443EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/02 7:34 a.m.6 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.8.1...

8.8CVSS7AI score0.00443EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/07/02 5:15 a.m.11 views

CVE-2024-5349

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'mapstyle' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

8.8CVSS6.3AI score0.00955EPSS
Exploits0References2
NVD
NVD
added 2024/07/02 5:15 a.m.30 views

CVE-2024-5349

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'mapstyle' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

8.8CVSS0.00955EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/02 4:31 a.m.24 views

CVE-2024-5349 LA-Studio Element Kit for Elementor <= 1.3.8.1 - Authenticated (Contributor+) Local File Inclusion

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'mapstyle' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

8.8CVSS7.7AI score0.00955EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/02 12:0 a.m.18 views

WordPress LA-Studio Element Kit for Elementor Plugin <= 1.3.8.1 is vulnerable to Local File Inclusion

Software LA-Studio Element Kit for Elementor Type Plugin Vulnerable versions = 1.3.8.1 Fixed in 1.3.9 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-37479 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID ddb890f0e5f3 Credits João Pedro S Alcânta...

8.5CVSS6.9AI score0.00443EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.7 views

WordPress plugin LA-Studio Element Kit for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.6AI score0.00443EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.7 views

WordPress plugin LA-Studio Element Kit for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.6AI score0.00955EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/10 12:0 a.m.8 views

WordPress plugin LA-Studio Element Kit for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.7AI score0.00356EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/06/06 12:40 p.m.6 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.6...

8.8CVSS7AI score0.00356EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/05/23 9:54 a.m.7 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.7.6...

6.4CVSS5.7AI score0.00426EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/23 12:0 a.m.6 views

WordPress plugin LA-Studio Element Kit for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.5AI score0.00426EPSS
Exploits0References11
OSV
OSV
added 2024/03/14 10:15 p.m.5 views

CVE-2024-2249

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets in all versions up to, and including, 1.3.7.4 due to insufficient input sanitization and output escaping the user supplied attribute. Th...

5.4CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2024/03/14 10:15 p.m.21 views

CVE-2024-2249

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets in all versions up to, and including, 1.3.7.4 due to insufficient input sanitization and output escaping the user supplied attribute. Th...

6.4CVSS5.7AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.11 views

PT-2024-19446 · WordPress · La-Studio Element Kit For Elementor

Name of the Vulnerable Software and Affected Versions: LA-Studio Element Kit for Elementor plugin for WordPress versions up to, and including, 1.3.7.4 Description: The issue is related to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widgets. This is due to insufficie...

6.4CVSS7.8AI score0.0032EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/03/14 12:0 a.m.7 views

WordPress Plugin LA-Studio Element Kit for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.9AI score0.0032EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/12/26 12:0 a.m.12 views

WordPress LA-Studio Element Kit for Elementor Plugin <= 1.1.5 is vulnerable to Broken Access Control

Software LA-Studio Element Kit for Elementor Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-50884 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 0dcf79343479 Credits thiennv...

6.6AI score0.00548EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder