Lucene search
K

40 matches found

Cvelist
Cvelist
added 2024/03/28 6:7 a.m.23 views

CVE-2023-34370 Server Side Request Forgery (SSRF) vulnerability in Starter Templates plugins

Server-Side Request Forgery SSRF vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates, Brainstorm Force Premium Starter Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4; Premiu...

7.1CVSS7.2AI score0.00322EPSS
Exploits0References2
CVE
CVE
added 2024/03/07 5:32 a.m.59 views

CVE-2024-1500

CVE-2024-1500 concerns the Royal Elementor Addons and Templates plugin for WordPress. It describes Stored Cross-Site Scripting via the Logo Widget in all versions up to 1.3.91, caused by insufficient input sanitization and output escaping on user-supplied URLs. The vulnerability allows authentica...

5.4CVSS5.6AI score0.00443EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/02/29 1:43 a.m.27 views

CVE-2024-0516

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to unauthorized post metadata update due to a missing capability check on the wprupdateformactionmeta function in all versions up to, and including, 1.3.87. This makes it possible for unauthenticated attackers to update...

5.3CVSS5.1AI score0.00225EPSS
Exploits0References2
OSV
OSV
added 2024/02/29 1:43 a.m.7 views

CVE-2024-0512

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the addtowishlist function. This makes it possible for unauthenticated attackers to add...

4.3CVSS7.2AI score0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.21 views

CVE-2024-0515 Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_compare

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the removefromcompare function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.6AI score0.00208EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/08 5:33 a.m.28 views

CVE-2024-0511 Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via wpr_update_form_action_meta

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.87. This is due to missing or incorrect nonce validation on the wprupdateformactionmeta function. This makes it possible for unauthenticated attacker...

4.3CVSS4.5AI score0.00196EPSS
Exploits0References2
OSV
OSV
added 2024/01/16 4:15 p.m.4 views

CVE-2023-5922

The Royal Elementor Addons and Templates WordPress plugin before 1.3.81 does not ensure that users accessing posts via an AJAX action and REST endpoint, currently disabled in the plugin have the right to do so, allowing unauthenticated users to access arbitrary draft, private and password protect...

7.5CVSS5.9AI score0.0071EPSS
Exploits2References1
Prion
Prion
added 2023/11/16 7:15 p.m.15 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ioannup Edit WooCommerce Templates plugin = 1.1.1 versions...

5.8CVSS6.1AI score0.00412EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/07 5:23 p.m.7 views

CVE-2022-47181 WordPress Email Templates plugin <= 1.4.2 - Cross Site Request Forgery (CSRF)

A vulnerability in Saad Iqbal Email Templates email-templates.This issue affects Email Templates: from n/a through = 1.4.2...

4.3CVSS8.5AI score0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/07 5:23 p.m.23 views

CVE-2022-47181 WordPress Email Templates Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in wpexpertsio Email Templates Customizer and Designer for WordPress and WooCommerce email-templates allows Cross Site Request Forgery.This issue affects Email Templates Customizer and Designer for WordPress and WooCommerce: from n/a through 1.4.2...

4.3CVSS8.9AI score0.00277EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.10 views

WordPress Plugin Royal Elementor Addons and Templates Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

9.8CVSS7.7AI score0.81695EPSS
Exploits18References5
OSV
OSV
added 2023/10/06 1:15 p.m.7 views

CVE-2022-47175

Cross-Site Request Forgery CSRF vulnerability in P Royal Royal Elementor Addons and Templates plugin = 1.3.75 versions...

8.8CVSS5.8AI score0.00214EPSS
Exploits0References1
Prion
Prion
added 2023/10/06 1:15 p.m.24 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in P Royal Royal Elementor Addons and Templates plugin = 1.3.75 versions...

6.8CVSS8.7AI score0.00214EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/06/07 2:15 a.m.4 views

CVE-2019-25150

The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...

8.8CVSS5.5AI score0.01201EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.14 views

CVE-2019-25150 Email Templates <= 1.3 - HTML Injection

The Email Templates plugin for WordPress is vulnerable to HTML Injection in versions up to, and including, 1.3. This makes it possible for attackers to present phishing forms or conduct cross-site request forgery attacks against site administrators...

8.8CVSS7.1AI score0.01201EPSS
Exploits1References3
OSV
OSV
added 2023/05/23 2:15 p.m.3 views

CVE-2022-46851

Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force Starter Templates plugin = 3.1.20 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 2023/05/23 1:7 p.m.42 views

CVE-2022-46851

CVE-2022-46851 is a CSRF vulnerability in the Brainstorm Force Starter Templates plugin for WordPress, affecting versions

8.8CVSS6.5AI score0.00256EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/04/25 11:46 a.m.35 views

CVE-2023-25490

CVE-2023-25490 concerns the WordPress plugin Archivist – Custom Archive Templates (versions

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
Wordfence Blog
Wordfence Blog
added 2021/11/11 3:1 p.m.34 views

Over 1 Million Sites Impacted by Vulnerability in Starter Templates Plugin

On October 4, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for the Starter Templates plugin, which is installed on over 1 Million WordPress websites. The full name of the WordPress plugin is “Starter Templates — Elementor, Gutenberg & Beaver Builder...

3.5CVSS6.2AI score0.00585EPSS
Exploits1
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.3 views

WordPress Rife Elementor Extensions & Templates 跨站脚本漏洞

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Rife Elementor Extensions&Templates Plugin versions prior to 1.1.6. An attacker can exploit this vulnerability to launch a cross-site scripting attack...

5.4CVSS5.3AI score0.00556EPSS
Exploits0References3
Rows per page
Query Builder