15 matches found
CVE-2025-64361
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through = 1.4.2...
PT-2025-44610
Name of the Vulnerable Software and Affected Versions StylemixThemes Consulting versions prior to 6.7.5 Description An improper control of filename for include/require statement exists in StylemixThemes Consulting, potentially leading to PHP Local File Inclusion. This issue allows for the inclusi...
EUVD-2023-41286
Malicious code in bioql PyPI...
CVE-2023-37385
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6...
CVE-2024-37090
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: fro...
CVE-2024-37092
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...
CVE-2024-37092
CVE-2024-37092 affects Consulting Elementor Widgets (StylemixThemes) for WordPress up to version 1.3.0. The issue is an improper limitation of a pathname to a restricted directory, enabling PHP Local File Inclusion (LFI). Public Wordfence entries indicate both unauthenticated and authenticated LF...
CVE-2024-37091
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0;...
CVE-2024-37089
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...
CVE-2024-37091
CVE-2024-37091 describes an OS Command Injection in StylemixThemes Consulting Elementor Widgets and StylemixThemes Masterstudy Elementor Widgets. Underlying issue is improper neutralization of command elements that enables injection via affected widgets. Affected: Consulting Elementor Widgets up ...
CVE-2024-37089
CVE-2024-37089 is an instance of an Unauthenticated Local File Inclusion via path traversal in the WordPress plugin Consulting Elementor Widgets (affected versions: up to 1.3.0). The root cause is an improper limitation of a pathname to a restricted directory, enabling an attacker to access arbit...
PT-2024-27290 · Stylemixthemes · Stylemixthemes Consulting Elementor Widgets +1
Name of the Vulnerable Software and Affected Versions: StylemixThemes Consulting Elementor Widgets versions 1.3.0 and earlier StylemixThemes Masterstudy Elementor Widgets versions 1.2.2 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in a...
CVE-2023-37385
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6...
CVE-2023-37385
CVE-2023-37385 affects Stylemixthemes Consulting (WordPress plugin/theme) up to version 6.5.6. The issue is an improper pathname restriction leading to PHP Local File Inclusion (path traversal). Fixed in 6.5.7. CVSS v3.1 base score 7.3 (HIGH); attack vector NETWORK, no user interaction required. ...
PT-2024-12606 · Stylemixthemes · Stylemixthemes Consulting
Name of the Vulnerable Software and Affected Versions: StylemixThemes Consulting versions through 6.5.6 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a Path Traversal vulnerability. This allows PHP Local File Inclusion, which ca...