Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2025/11/01 12:4 p.m.17 views

CVE-2025-64361

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StylemixThemes Consulting Elementor Widgets consulting-elementor-widgets allows DOM-Based XSS.This issue affects Consulting Elementor Widgets: from n/a through = 1.4.2...

6.5CVSS6.4AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.5 views

PT-2025-44610

Name of the Vulnerable Software and Affected Versions StylemixThemes Consulting versions prior to 6.7.5 Description An improper control of filename for include/require statement exists in StylemixThemes Consulting, potentially leading to PHP Local File Inclusion. This issue allows for the inclusi...

7.5CVSS6.5AI score0.00381EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-41286

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00503EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:4 a.m.6 views

CVE-2023-37385

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6...

7.3CVSS6.9AI score0.00503EPSS
Exploits0
OSV
OSV
added 2024/07/09 10:15 a.m.3 views

CVE-2024-37090

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: fro...

8.8CVSS5.8AI score0.0053EPSS
Exploits0References2
NVD
NVD
added 2024/06/24 1:15 p.m.19 views

CVE-2024-37092

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...

8.8CVSS0.00525EPSS
Exploits0References1
CVE
CVE
added 2024/06/24 12:23 p.m.50 views

CVE-2024-37092

CVE-2024-37092 affects Consulting Elementor Widgets (StylemixThemes) for WordPress up to version 1.3.0. The issue is an improper limitation of a pathname to a restricted directory, enabling PHP Local File Inclusion (LFI). Public Wordfence entries indicate both unauthenticated and authenticated LF...

8.8CVSS8.7AI score0.00525EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/24 12:15 p.m.4 views

CVE-2024-37091

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0;...

8.8CVSS5.8AI score0.01243EPSS
Exploits0References2
NVD
NVD
added 2024/06/24 12:15 p.m.20 views

CVE-2024-37089

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0...

9.8CVSS0.00609EPSS
Exploits0References1
CVE
CVE
added 2024/06/24 12:9 p.m.70 views

CVE-2024-37091

CVE-2024-37091 describes an OS Command Injection in StylemixThemes Consulting Elementor Widgets and StylemixThemes Masterstudy Elementor Widgets. Underlying issue is improper neutralization of command elements that enables injection via affected widgets. Affected: Consulting Elementor Widgets up ...

9.9CVSS9.3AI score0.01243EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/06/24 12:7 p.m.53 views

CVE-2024-37089

CVE-2024-37089 is an instance of an Unauthenticated Local File Inclusion via path traversal in the WordPress plugin Consulting Elementor Widgets (affected versions: up to 1.3.0). The root cause is an improper limitation of a pathname to a restricted directory, enabling an attacker to access arbit...

9.8CVSS9.4AI score0.00609EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/24 12:0 a.m.4 views

PT-2024-27290 · Stylemixthemes · Stylemixthemes Consulting Elementor Widgets +1

Name of the Vulnerable Software and Affected Versions: StylemixThemes Consulting Elementor Widgets versions 1.3.0 and earlier StylemixThemes Masterstudy Elementor Widgets versions 1.2.2 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in a...

9.9CVSS7.6AI score0.01243EPSS
Exploits0References7
NVD
NVD
added 2024/05/17 7:15 a.m.14 views

CVE-2023-37385

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6...

7.3CVSS7.2AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2024/05/17 6:47 a.m.54 views

CVE-2023-37385

CVE-2023-37385 affects Stylemixthemes Consulting (WordPress plugin/theme) up to version 6.5.6. The issue is an improper pathname restriction leading to PHP Local File Inclusion (path traversal). Fixed in 6.5.7. CVSS v3.1 base score 7.3 (HIGH); attack vector NETWORK, no user interaction required. ...

7.3CVSS6.8AI score0.00503EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.4 views

PT-2024-12606 · Stylemixthemes · Stylemixthemes Consulting

Name of the Vulnerable Software and Affected Versions: StylemixThemes Consulting versions through 6.5.6 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a Path Traversal vulnerability. This allows PHP Local File Inclusion, which ca...

7.3CVSS7.1AI score0.00503EPSS
Exploits0References4
Rows per page
Query Builder