86 matches found
CVE-2024-10321
The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.4 in elements/advanced-tab/template/view.php. This makes it possible for authenticated attackers, with Contributor-level access and above,...
CVE-2024-10321
The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.5 in elements/advanced-tab/template/view.php. This makes it possible for authenticated attackers, with Contributor-level access and above,...
CVE-2024-10321 All-in-One Addons for Elementor – WidgetKit <= 2.5.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.4 in elements/advanced-tab/template/view.php. This makes it possible for authenticated attackers, with Contributor-level access and above,...
WordPress WidgetKit plugin <= 2.5.5 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Ankit Patel in WordPress Plugin WidgetKit versions = 2.5.5...
WordPress plugin All-in-One Addons for Elementor – WidgetKit 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
CVE-2024-37428
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.5.0...
CVE-2024-37428
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.5.0...
CVE-2024-37428 WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.5.0...
CVE-2024-37428
CVE-2024-37428 concerns the WidgetKit component of WordPress All-in-One Addons for Elementor (Themesgrove). The vulnerability is a Stored Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation, affecting WidgetKit versions from n/a up to and including 2.5.0....
CVE-2024-37428 WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.5.0...
PT-2024-27544 · Widgetkit · Widgetkit
Name of the Vulnerable Software and Affected Versions: WidgetKit versions n/a through 2.5.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For versions n...
WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin WidgetKit versions = 2.5.0...
WordPress WidgetKit Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS)
Software WidgetKit Type Plugin Vulnerable versions = 2.5.0 Fixed in 2.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37428 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 351434df7944 Credits 4rCanJ0x! Required privilege Contributor...
CVE-2024-34548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8...
CVE-2024-34548 WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8...
CVE-2024-34548 WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8...
CVE-2024-34548
CVE-2024-34548 is a Stored XSS in Themesgrove WidgetKit (WidgetKit for Elementor). Affected: WidgetKit versions up to 2.4.8. Root cause: improper neutralization of input during web page generation. Impact: stored cross-site scripting vesting on pages using the widget. Remediation: patch/upgrade t...
PT-2024-25962 · Widgetkit · Widgetkit
Name of the Vulnerable Software and Affected Versions: WidgetKit versions prior to 2.4.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts in...
WordPress plugin WidgetKit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Ray Wilson Patchstack Alliance in WordPress Plugin WidgetKit versions = 2.4.8...