CVE-2026-24362

Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...

EUVD-2026-15557

Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...

CVE-2026-24362

Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...

CVE-2026-24362 WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...

CVE-2026-24362

CVE-2026-24362 is a concrete, vendor-confirmed vulnerability affecting Ultimate Post Kit Addons for Elementor (bdthemes Ultimate Post Kit)

CVE-2026-24362 WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...

WordPress plugin Ultimate Post Kit 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

PT-2026-27849

Name of the Vulnerable Software and Affected Versions bdthemes Ultimate Post Kit versions through 4.0.21 Description An authorization issue exists in bdthemes Ultimate Post Kit, allowing exploitation due to incorrectly configured access control security levels. The issue impacts the...

WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Ultimate Post Kit versions = 4.0.21...

WordPress Ultimate Post Kit plugin < 4.0.16 - Unauthenticated Arbitrary Post Content Disclosure vulnerability

Unauthenticated Arbitrary Post Content Disclosure vulnerability discovered by Drtime in WordPress Plugin Ultimate Post Kit versions 4.0.16...

CVE-2025-14434

The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upkalexgridloadmoreposts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...

CVE-2025-14434 Ultimate Post Kit < 4.0.16 – Unauthenticated Arbitrary Post Content Disclosure

The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upkalexgridloadmoreposts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...

CVE-2025-14434 Ultimate Post Kit < 4.0.16 – Unauthenticated Arbitrary Post Content Disclosure

The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0.16 exposes multiple AJAX “load more” endpoints such as upkalexgridloadmoreposts without ensuring that posts to be displayed are published authentication. This allows an unauthenticated attacker to query arbitrary posts and...

CVE-2025-14434

CVE-2025-14434 affects the WordPress plugin “Ultimate Post Kit Addons for Elementor” (versions prior to 4.0.16). The issue arises from multiple AJAX endpoints (e.g., loadmore posts) that do not verify whether targeted posts are published, enabling an unauthenticated attacker to query arbitrary po...

WordPress plugin Ultimate Post Kit Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

CVE-2024-5662

CVE-2024-5662 affects the Ultimate Post Kit Addons For Elementor for WordPress. A Stored XSS vulnerability exists in the Social Count (Static) widget via the url parameter across all versions up to 3.11.7 due to insufficient input sanitization and output escaping. Exploitation requires authentica...

WordPress plugin Ultimate Post Kit Addons For Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Ultimate Post Kit – Addons For Elementor Plugin <= 3.11.7 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Post Kit – Addons For Elementor Type Plugin Vulnerable versions = 3.11.7 Fixed in 3.11.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5662 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eaf9b9b3c2a5 Credi...

WordPress Ultimate Post Kit – Addons For Elementor Plugin <= 3.6.3 is vulnerable to Cross Site Scripting (XSS)

Software Ultimate Post Kit – Addons For Elementor Type Plugin Vulnerable versions = 3.6.3 Fixed in 3.6.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 162050be8a2d Credits Rafie...

WordPress Ultimate Post Kit – Addons For Elementor plugin < 2.9.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Ultimate Post Kit – Addons For Elementor plugin versions 2.9.1. Solution Update the WordPress Ultimate Post Kit – Addons For Elementor plugin to the latest available version at least 2.9.1...