CVE-2025-9029

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to missing authorization via the wdkithandlereviewsubmission function in versions less than, or equal to, 1.2.16. This is due to the plugin not properly verifyin...

EUVD-2025-32417

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to missing authorization via the wdkithandlereviewsubmission function in versions less than, or equal to, 1.2.16. This is due to the plugin not properly verifyin...

CVE-2025-9029

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to missing authorization via the wdkithandlereviewsubmission function in versions less than, or equal to, 1.2.16. This is due to the plugin not properly verifyin...

CVE-2025-9029 WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.16 - Missing Authentication via wdkit_handle_review_submission Function

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to missing authorization via the wdkithandlereviewsubmission function in versions less than, or equal to, 1.2.16. This is due to the plugin not properly verifyin...

CVE-2025-9029

CVE-2025-9029 concerns the WordPress plugin WDesignKit (Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder). The vulnerability is a missing authorization flaw in the function wdkit_handle_review_submission for versions

PT-2025-40618

Name of the Vulnerable Software and Affected Versions WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress versions through 1.2.16 Description The WDesignKit plugin for WordPress does not properly verify user authorization, allowing...

WordPress plugin WDesignKit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress WDesignKit plugin <= 1.2.16 - Missing Authentication via wdkit_handle_review_submission Function vulnerability

Missing Authentication via wdkithandlereviewsubmission Function vulnerability discovered by Peter Thaleikis in WordPress Plugin WDesignkit versions = 1.2.16...

EUVD-2024-52143

Malicious code in bioql PyPI...

EUVD-2025-9324

Malicious code in bioql PyPI...

CVE-2024-53811

Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through = 1.0.40...

CVE-2024-12189

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom widgets in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This...

CVE-2024-12189

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom widgets in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This...

CVE-2024-12189

The CVE-2024-12189 entry concerns the WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress. Connected material confirms a Stored Cross-Site Scripting vulnerability via custom widgets in all versions up to 1.2.2, caused by insufficie...

CVE-2024-12189 WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom widgets in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This...

CVE-2024-12189 WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom widgets in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This...

WordPress plugin WDesignKit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

PT-2025-14084 · WordPress · Wdesignkit

Name of the Vulnerable Software and Affected Versions: The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress versions up to, and including, 1.2.2 Description: The issue is related to Stored Cross-Site Scripting via custom widgets...

WordPress WDesignKit plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ankit Patel in WordPress Plugin WDesignkit versions = 1.2.3...

CVE-2024-53811

Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through = 1.0.40...