119 matches found
EUVD-2023-27909
Malicious code in bioql PyPI...
CVE-2025-8146
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8146 Qi Addons for Elementor <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TypeOut Text Widget
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8146 Qi Addons for Elementor <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TypeOut Text Widget
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8146
CVE-2025-8146 : Qi Addons For Elementor (WordPress) is vulnerable to Stored Cross-Site Scripting via the TypeOut Text widget in all versions up to and including 1.9.2, due to insufficient input sanitization and output escaping on user attributes. Exploitation requires authenticated access at cont...
PT-2025-31722 · WordPress · Qi Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to and including 1.9.2 Description: The Qi Addons For Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the TypeOut Text widget. Insufficient input...
CVE-2024-1458
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textalignment’ attribute of the Animated Text widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5263
The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Motion Text and Table widgets in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-31346
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blocksmarket Gradient Text Widget for Elementor allows Stored XSS.This issue affects Gradient Text Widget for Elementor: from n/a through 1.0.1...
CVE-2023-26539
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Max Chirkov Advanced Text Widget plugin = 2.1.2 versions...
CVE-2023-23823
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...
CVE-2023-49192
Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...
CVE-2023-26520
Missing Authorization vulnerability in Max Chirkov Advanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through 2.1.2...
CVE-2025-1571
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Image Comparison Widgets in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...
WordPress Exclusive Addons for Elementor plugin <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Exclusive Addons Elementor versions = 2.7.6...
CVE-2023-49192
Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...
CVE-2023-26520
Missing Authorization vulnerability in Max Chirkov Advanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through 2.1.2...
CVE-2023-23823
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...
CVE-2023-23823 WordPress Enhanced Text Widget plugin <= 1.5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...
CVE-2023-23823 WordPress Enhanced Text Widget plugin <= 1.5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...