Lucene search
K

258 matches found

cvelist
cvelist
added 2020/05/17 12:39 a.m.37 views

CVE-2020-13125

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled...

7.2CVSS8AI score0.02307EPSS
Exploits0References2
cve
cve
added 2020/05/17 12:39 a.m.170 views

CVE-2020-13125

The CVE-2020-13125 entry concerns the Ultimate Addons for Elementor WordPress plugin (

7.2CVSS7.7AI score0.02307EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2020/05/17 12:0 a.m.5 views

PT-2020-13342

Name of the Vulnerable Software and Affected Versions Ultimate Addons for Elementor plugin versions prior to 1.24.2 Description An issue in the Ultimate Addons for Elementor plugin allows unauthenticated attackers to create users with the Subscriber role, even when registration is disabled. This...

7.2CVSS6.8AI score0.02307EPSS
Exploits0References8
vulncheck_kev
vulncheck_kev
added 2020/05/17 12:0 a.m.3 views

VulnCheck KEV: CVE-2020-13125

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled...

9.9CVSS6.8AI score0.08565EPSS
Exploits1References1
wpvulndb
wpvulndb
added 2020/05/07 12:0 a.m.20 views

Elementor Pro < 2.9.4 - Authenticated Arbitrary File Upload

According to Jerome Bruandet, from NintechNet, the vulnerability, currently exploited by attackers, allows any logged-in user to upload and execute PHP scripts on the blog. Chloe Chamberland from Wordfence also confirmed the issue and added that "This vulnerability is being used in conjunction wi...

6.5CVSS0.1AI score0.08565EPSS
Exploits1References2Affected Software1
wpvulndb
wpvulndb
added 2020/05/07 12:0 a.m.101 views

Ultimate Addons for Elementor < 1.24.2 - Registration Bypass

"The Ultimate Addons for Elementor plugin recently patched a vulnerability in version 1.24.2 that allows attackers to create subscriber-level users, even if registration is disabled on a WordPress site." This vulnerability is being used in conjunction with a 0-day vulnerability in Elementor PRO...

6.4CVSS4.3AI score0.02307EPSS
Exploits0References1Affected Software1
wpvulndb
wpvulndb
added 2020/04/08 12:0 a.m.14 views

Gutenberg Blocks - Ultimate Addons for Gutenberg < 1.14.8 - Authenticated Settings Change

The Gutenberg Blocks – Ultimate Addons for Gutenberg WordPress plugin was affected by an Ultimate Addons for Gutenberg 1.14.8 - Authenticated Settings Change security vulnerability...

2.2AI score
Exploits0References1Affected Software1
threatpost
threatpost
added 2020/01/30 9:49 p.m.67 views

200K WordPress Sites Vulnerable to Plugin Flaw

A high-severity vulnerability exists in a popular WordPress plugin, potentially opening up 200,000 websites to takeover. The WordPress plugin in question in Code Snippets, which allows users to run small chunks of PHP code on their websites. This can be used to extend the functionality of the...

6.8CVSS0.7AI score0.11905EPSS
Exploits2References6
patchstack
patchstack
added 2020/01/22 12:0 a.m.17 views

WordPress Ultimate Addons for Beaver Builder <= 1.24.3 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered in WordPress Ultimate Addons for Beaver Builder versions = 1.24.3. Solution Update the WordPress Ultimate Addons for Beaver Builder to the latest available version at least 1.25.0...

1.7AI score
Exploits0References1Affected Software1
cnvd
cnvd
added 2020/01/02 12:0 a.m.1 views

Wordpress Ultimate Addons for Beaver Builder Authentication Bypass Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. An authentication bypass vulnerability exists in Wordpress Ultimate Addons for Beaver...

6.8AI score
Exploits0References1
packetstorm
packetstorm
added 2019/12/31 12:0 a.m.160 views

WordPress Ultimate Addons For Beaver Builder 1.2.4.1 Authentication Bypass

Exploit Title: Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Date: 2019-12-21 Exploit Authors: Raphael Karger & Nathan Hrncirik Vendor Homepage: https://www.ultimatebeaver.com/ Version: Ultimate Addons for Beaver Builder | || | |/| / /| / //\ | /|//|||| / / / /...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/12/31 12:0 a.m.22 views

Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass

Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Exploit Title: Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Date: 2019-12-21 Exploit Authors: Raphael Karger & Nathan Hrncirik Vendor Homepage: https://www.ultimatebeaver.com/ Version:...

0.5AI score
Exploits0
zdt
zdt
added 2019/12/31 12:0 a.m.95 views

Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Exploit

Exploit for php platform in category web applications Exploit Title: Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Exploit Authors: Raphael Karger & Nathan Hrncirik Vendor Homepage: https://www.ultimatebeaver.com/ Version: Ultimate Addons for Beaver Builder | || |...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2019/12/31 12:0 a.m.100 views

WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass

Exploit Title: Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Date: 2019-12-21 Exploit Authors: Raphael Karger & Nathan Hrncirik Vendor Homepage: https://www.ultimatebeaver.com/ Version: Ultimate Addons for Beaver Builder | || | |/| / /| / //\ | /|//|||| / / / /...

7AI score
Exploits0
thn
thn
added 2019/12/13 10:21 a.m.6 views

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites

Attention WordPress users! Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder ," or "Ultimate Addons for Elementor " and haven't recently updated them to the latest available versions. Security researchers have discovered a critical yet easy-to-exploit...

5.8AI score
Exploits0
patchstack
patchstack
added 2019/12/12 12:0 a.m.16 views

WordPress Ultimate Addons for Elementor plugin <= 1.20.0 - Authentication Bypass vulnerability

Authentication Bypass vulnerability found by MalCare in WordPress Ultimate Addons for Elementor plugin versions = 1.20.0. Solution Update the WordPress Ultimate Addons for Elementor plugin to the latest available version at least 1.20.1...

3.7AI score
Exploits0References1Affected Software1
patchstack
patchstack
added 2019/12/12 12:0 a.m.11 views

WordPress Ultimate Addons for Beaver Builder plugin <= 1.24.0 - Authentication Bypass vulnerability

Authentication Bypass vulnerability found by MalCare in WordPress Ultimate Addons for Beaver Builder plugin versions = 1.24.0. Solution Update the WordPress Ultimate Addons for Beaver Builder plugin to the latest available version at least 1.24.1...

3.6AI score
Exploits0References3Affected Software1
zdt
zdt
added 2015/09/10 12:0 a.m.31 views

Wordpress Crash Ultimate Addons for Visual Composer Vulnerability

Exploit for php platform in category web applications / + Exploit Title : Wordpress Crash Ultimate Addons for Visual Composer vulnerability + Exploit Author : Ashiyane Digital Security Team + Tested on : Windows - Firefox + Vendor Homepage :...

7.1AI score
Exploits0
Rows per page
Query Builder