Lucene search
K

7 matches found

NVD
NVD
added 2026/06/09 9:16 a.m.16 views

CVE-2026-8677

The Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Widget HTML Tag Settings in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible...

6.4CVSS0.00243EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

WordPress plugin Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.4CVSS5.4AI score0.00243EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.14 views

WordPress Plugin Lawyer Directory Security Vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.0042EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 3:26 p.m.12 views

WordPress Featured Image Generator plugin <= 1.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Featured Image Generator versions = 1.3.3...

5.3CVSS6.8AI score0.00176EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/09/22 7:36 p.m.7 views

WordPress AnyClip Luminous Studio Plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin AnyClip Luminous Studio versions = 1.3.3...

6.5CVSS6AI score0.0025EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.4 views

PT-2024-32870 · WordPress · Boostify Header Footer Builder

Name of the Vulnerable Software and Affected Versions: Boostify Header Footer Builder for Elementor plugin for WordPress versions up to, and including, 1.3.3 Description: The issue is related to unauthorized modification of data due to a missing capability check on the create bhf post function...

4.3CVSS6.7AI score0.00343EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/03/15 12:0 a.m.1 views

PT-2022-18303 · Jenkins · Jenkins Release Helper Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Release Helper Plugin versions 1.3.3 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

4.3CVSS4.4AI score0.00714EPSS
Exploits0References7
Rows per page
Query Builder