9 matches found
CVE-2026-27073
CVE-2026-27073 is a WordPress plugin issue affecting Addi – Cuotas que se adaptan a ti, 2.0.4. The available connected sources do not provide explicit exploit details or in-the-wild activity beyond the vulnerability description and fixes. If you use this plugin, prioritize upgrading to a non-vul...
CVE-2025-66135
Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through = 2.0.4...
CVE-2025-66112
Missing Authorization vulnerability in WebToffee Accessibility Toolkit by WebYes accessibility-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Toolkit by WebYes: from n/a through = 2.0.4...
CVE-2025-22513
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kyle Phillips Simple Locator simple-locator allows Reflected XSS.This issue affects Simple Locator: from n/a through = 2.0.4...
PT-2025-3845 · WordPress · Divi Carousel Maker
Name of the Vulnerable Software and Affected Versions: Divi Carousel Maker plugin for WordPress versions up to, and including, 2.0.4 Description: The Divi Carousel Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all...
WordPress Helloprint plugin <= 2.0.4 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Helloprint versions = 2.0.4...
VulnCheck KEV: CVE-2019-25214
The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST API routes in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to call the endpoints and perform unauthorized actions such as...
WordPress Widgets for WooCommerce Products on Elementor plugin <= 2.0.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Woo Products Widgets For Elementor versions = 2.0.4...
WordPress Academy LMS plugin <= 2.0.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by filime Patchstack Alliance in WordPress Plugin Academy LMS versions = 2.0.4...