Lucene search
K

119 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-27909

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00486EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/04 9:33 a.m.12 views

CVE-2025-8146

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/02 4:24 a.m.9 views

CVE-2025-8146 Qi Addons for Elementor <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TypeOut Text Widget

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00228EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/02 4:24 a.m.7 views

CVE-2025-8146 Qi Addons for Elementor <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TypeOut Text Widget

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00228EPSS
Exploits0References3
CVE
CVE
added 2025/08/02 4:24 a.m.22 views

CVE-2025-8146

CVE-2025-8146 : Qi Addons For Elementor (WordPress) is vulnerable to Stored Cross-Site Scripting via the TypeOut Text widget in all versions up to and including 1.9.2, due to insufficient input sanitization and output escaping on user attributes. Exploitation requires authenticated access at cont...

6.4CVSS5.9AI score0.00228EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/02 12:0 a.m.7 views

PT-2025-31722 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to and including 1.9.2 Description: The Qi Addons For Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the TypeOut Text widget. Insufficient input...

6.4CVSS5.8AI score0.00228EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 10:11 a.m.6 views

CVE-2024-1458

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textalignment’ attribute of the Animated Text widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00427EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.5 views

CVE-2024-5263

The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Motion Text and Table widgets in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.5 views

CVE-2024-31346

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blocksmarket Gradient Text Widget for Elementor allows Stored XSS.This issue affects Gradient Text Widget for Elementor: from n/a through 1.0.1...

6.5CVSS8.6AI score0.0032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:29 a.m.8 views

CVE-2023-26539

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Max Chirkov Advanced Text Widget plugin = 2.1.2 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.7 views

CVE-2023-23823

Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...

4.3CVSS8.6AI score0.00486EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.5 views

CVE-2023-49192

Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...

5.3CVSS7.3AI score0.00457EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.9 views

CVE-2023-26520

Missing Authorization vulnerability in Max Chirkov Advanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through 2.1.2...

5.3CVSS8AI score0.00431EPSS
Exploits0References1
OSV
OSV
added 2025/02/28 7:15 a.m.5 views

CVE-2025-1571

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Image Comparison Widgets in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This...

5.4CVSS5.9AI score0.0027EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/02/27 11:29 p.m.5 views

WordPress Exclusive Addons for Elementor plugin <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Animated Text and Image Comparison Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Exclusive Addons Elementor versions = 2.7.6...

6.4CVSS5.8AI score0.0027EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/12/09 1:15 p.m.8 views

CVE-2023-49192

Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...

5.3CVSS0.00457EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.16 views

CVE-2023-26520

Missing Authorization vulnerability in Max Chirkov Advanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through 2.1.2...

5.3CVSS0.00431EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.21 views

CVE-2023-23823

Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...

4.3CVSS0.00486EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.17 views

CVE-2023-23823 WordPress Enhanced Text Widget plugin <= 1.5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...

4.3CVSS8.6AI score0.00486EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.33 views

CVE-2023-23823 WordPress Enhanced Text Widget plugin <= 1.5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8...

4.3CVSS0.00486EPSS
Exploits0References1
Rows per page
Query Builder