Lucene search
K

35 matches found

CNNVD
CNNVD
added 2025/04/04 12:0 a.m.6 views

WordPress plugin UltraAddons Elementor Lite 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

4.3CVSS6AI score0.00145EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/21 2:6 a.m.17 views

CVE-2024-10696 UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.8 - Insecure Direct Object Reference to Sensitive Information Exposure via UA_Template Shortcode

The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.8 via the showtemplate due to missing validatio...

4.3CVSS6.5AI score0.00484EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/20 12:0 a.m.12 views

WordPress UltraAddons Elementor Lite Plugin <= 1.1.8 is vulnerable to Sensitive Data Exposure

Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10696 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5f4604fffe9a Credits Francesco Carluc...

4.3CVSS6.5AI score0.00484EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/10/17 8:15 p.m.24 views

CVE-2024-49277

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Stored XSS.This issue affects UltraAddons Elementor Lite: from n/a through = 2.0.2...

6.5CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2024/10/17 7:23 p.m.45 views

CVE-2024-49277

CVE-2024-49277 denotes a Stored XSS in UltraAddons Elementor Lite (WordPress)

6.5CVSS5.9AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.4 views

WordPress plugin UltraAddons Elementor Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.1AI score0.00251EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/17 12:0 a.m.3 views

PT-2024-33416 · Ultraaddons · Ultraaddons Elementor Lite

Name of the Vulnerable Software and Affected Versions: UltraAddons Elementor Lite versions 1.1.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

6.5CVSS5.6AI score0.00251EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.13 views

WordPress UltraAddons Elementor Lite Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)

Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3bd9de105fd9 Credits Michael Required privilege...

6.5CVSS6.8AI score0.00251EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/10 6:16 a.m.3 views

WordPress UltraAddons Elementor Lite plugin <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by stealthcopter in WordPress Plugin UltraAddons Elementor Lite versions = 1.1.6...

6.4CVSS5.8AI score0.00366EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.17 views

WordPress UltraAddons Elementor Lite Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.6 Fixed in 1.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4866 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6acf063eea46 Credits stealthcopter...

6.4CVSS5.8AI score0.00366EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/07/06 5:15 p.m.26 views

CVE-2024-37554

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows DOM-Based XSS.This issue affects UltraAddons Elementor Lite: from n/a through = 2.0.2...

6.5CVSS0.00242EPSS
Exploits0References2
OSV
OSV
added 2024/07/06 5:15 p.m.6 views

CVE-2024-37554

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodeAstrology Team UltraAddons Elementor Lite Header & Footer Builder, Menu Builder, Cart Icon, Shortcode.This issue affects UltraAddons Elementor Lite Header & Footer Builder, Menu Builder,...

5.4CVSS5.8AI score0.00242EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/06 12:0 a.m.15 views

WordPress UltraAddons Elementor Lite Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)

Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37554 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 027a0305e057 Credits Khalid Yusuf Required privile...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/07/06 12:0 a.m.7 views

WordPress plugin UltraAddons Elementor Lite Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

6.5CVSS6.2AI score0.00242EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.5 views

WordPress UltraAddons Elementor Lite Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d3b08d811ef1 Credits Rafie Muhammad Patchstack...

6.1AI score0.00284EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder