5 matches found
CVE-2025-62104
Technical details about CVE-2025-62104 are not publicly available in the provided documents; monitor for updates.
CVE-2026-25416 WordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through = 1.4.2...
PT-2025-39048
Name of the Vulnerable Software and Affected Versions WP Travel Engine versions through 1.4.2 Description The software contains a flaw related to improper input handling during web page generation, which allows for Cross-site Scripting XSS. This specific instance is a Stored XSS issue, meaning...
PT-2024-36163 · Themeum · Wp Mega Menu
Name of the Vulnerable Software and Affected Versions: WP Mega Menu versions 1.4.2 and earlier Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection in Themeum WP Mega Menu. Recommendations: For WP Mega Menu versions 1.4.2 and earlier, update to a...
PT-2024-19454 · WordPress · The 130+ Widgets
Name of the Vulnerable Software and Affected Versions: The 130+ Widgets | Best Addons For Elementor – FREE plugin for WordPress versions up to, and including, 1.4.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's widgets due to insufficient input sanitization and...