PT-2025-50023

Insertion of Sensitive Information Into Sent Data vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Retrieve Embedded Sensitive Data.This issue affects WP EasyCart: from n/a through = 5.8.11...

PT-2024-27007 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor Pro plugin for WordPress versions up to, and including, 5.8.11 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Counter widget due to insufficient input sanitization and outp...

WordPress Essential Addons for Elementor Pro Plugin <= 5.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Pro Type Plugin Vulnerable versions = 5.8.11 Fixed in 5.8.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3645 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eab61f9d0ab1 Credits Ngô...

PT-2023-19450 · Dromara · Dromara Hutool

Name of the Vulnerable Software and Affected Versions: Dromara Hutool version 5.8.11 Description: A deserialization issue allows an attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter. This enables the attacker to potentially gain control over the system. Recommendation...

CVE-2022-4565

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...