Lucene search
K

119 matches found

CVE
CVE
added 2024/12/09 11:31 a.m.50 views

CVE-2023-23823

CVE-2023-23823 refers to a missing authorization vulnerability in the WordPress plugin Enhanced Text Widget up to version 1.5.8 . The underlying issue is a failure in access control (broken authorization) that could allow unauthorized actions on the widget. The CVSS base score is 4.3 (Medium) , w...

4.3CVSS8.6AI score0.00486EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.11 views

CVE-2023-26520 WordPress Advanced Text Widget plugin <= 2.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Max Chirkov Advanced Text Widget advanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through = 2.1.2...

5.3CVSS7.3AI score0.00431EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.46 views

CVE-2023-26520 WordPress Advanced Text Widget plugin <= 2.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Max Chirkov Advanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Text Widget : from n/a through 2.1.2...

5.3CVSS0.00431EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.5 views

PT-2024-13689 · Unknown · Clever Widgets Enhanced Text Widget

Name of the Vulnerable Software and Affected Versions: Clever Widgets Enhanced Text Widget versions 1.6.3 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Enhanced Text Widget, which allows exploiting incorrectly configured access control security...

5.3CVSS9.4AI score0.00457EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.6 views

WordPress plugin Enhanced Text Widget 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS8.7AI score0.00457EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.2 views

WordPress plugin Advanced Text Widget 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS8.3AI score0.00431EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.3 views

WordPress plugin Enhanced Text Widget 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.8AI score0.00486EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.6 views

PT-2024-12001 · Unknown · Clever Widgets Enhanced Text Widget

Name of the Vulnerable Software and Affected Versions: Clever Widgets Enhanced Text Widget versions 1.5.8 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Enhanced Text Widget, which allows exploiting incorrectly configured access control security...

4.3CVSS9.4AI score0.00486EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/11 11:11 p.m.5 views

WordPress Essential Addons for Elementor plugin <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Fancy Text Widget vulnerability discovered by Robert DeVore in WordPress Plugin Essential Addons for Elementor versions = 6.0.3...

6.4CVSS5.8AI score0.00363EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/09/11 7:15 a.m.8 views

CVE-2024-8440

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output...

5.4CVSS5.9AI score0.00363EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.6 views

WordPress plugin Essential Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.9AI score0.00363EPSS
Exploits0References5
OSV
OSV
added 2024/07/12 1:15 p.m.5 views

CVE-2024-6495

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS5.9AI score0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/12 12:46 p.m.26 views

CVE-2024-6495 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00311EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/12 6:55 a.m.6 views

WordPress Premium Addons for Elementor plugin <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Animated Text Widget vulnerability discovered by Webbernaut in WordPress Plugin Premium Addons for Elementor versions = 4.10.36...

6.4CVSS6.1AI score0.00311EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.3 views

WordPress plugin Premium Addons for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exists in th...

6.4CVSS6.5AI score0.00311EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/12 12:0 a.m.8 views

PT-2024-37669 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.36 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the Animated Text widget. This allo...

6.4CVSS6.9AI score0.00311EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/15 12:0 a.m.3 views

PT-2024-35403 · WordPress · Elementskit Pro

Name of the Vulnerable Software and Affected Versions: ElementsKit Pro plugin for WordPress versions up to, and including, 3.6.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the Motion Text and Table widgets. This allows...

6.4CVSS7.2AI score0.00263EPSS
Exploits0References4
OSV
OSV
added 2024/05/31 6:15 a.m.5 views

CVE-2024-4376

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS5.9AI score0.00332EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/31 12:0 a.m.6 views

PT-2024-30638 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.31 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Fancy Text widget due to insufficient input sanitization and output...

6.4CVSS5.8AI score0.00332EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/04/26 9:39 a.m.6 views

WordPress Enhanced Text Widget plugin <= 1.6.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Enhanced Text Widget versions = 1.6.4...

7AI score0.00208EPSS
Exploits0Affected Software1
Rows per page
Query Builder