Lucene search
+L

8 matches found

Patchstack
Patchstack
added 2026/04/14 11:37 a.m.4 views

WordPress Post grid and filter ultimate plugin <= 1.7.4 - Backdoor vulnerability

Backdoor vulnerability discovered by ? in WordPress Plugin Post grid and filter ultimate versions = 1.7.4...

5.8AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/13 3:20 a.m.34 views

CVE-2025-14278 HT Slider for Elementor <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slidetitle' parameter in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping in JavaScript. This makes it possible for authenticated attackers, wi...

6.4CVSS0.00195EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:32 a.m.5 views

CVE-2024-50449

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder pdf-generator-addon-for-elementor-page-builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builder:...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:25 a.m.4 views

CVE-2024-49686

Missing Authorization vulnerability in fatcatapps Landing Page Cat landing-page-cat.This issue affects Landing Page Cat: from n/a through = 1.7.4...

5.4CVSS5.9AI score0.00378EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/14 12:0 a.m.4 views

PT-2024-17590 · WordPress · Import Eventbrite Events

Name of the Vulnerable Software and Affected Versions: Import Eventbrite Events plugin for WordPress versions up to, and including, 1.7.4 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This...

6.1CVSS6.8AI score0.00363EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/11/08 3:44 p.m.4 views

WordPress I Plant A Tree plugin <= 1.7.4 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin I Plant A Tree versions = 1.7.4...

6.5CVSS5.8AI score0.00302EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/21 9:32 a.m.3 views

WordPress Landing Page Cat plugin <= 1.7.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Landing Page Cat versions = 1.7.4...

5.4CVSS6.8AI score0.00378EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/03/23 3:15 p.m.5 views

CVE-2023-23728

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Winwar Media WP Flipclock plugin = 1.7.4 versions...

5.4CVSS6.1AI score0.00393EPSS
Exploits0References1
Rows per page
Query Builder