Cryptocurrency Widgets Pack <= 1.8.1 - SQL Injection

Cryptocurrency Widgets Pack Plugin =1.8.1 for WordPress contains an unauthenticated SQL injection caused by unsanitized user input in database queries, letting attackers execute arbitrary SQL commands, exploit requires no authentication. id: CVE-2022-44588 info: name: Cryptocurrency Widgets Pack ...

VulnCheck KEV: CVE-2022-4059

The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

EUVD-2024-45104

Malicious code in bioql PyPI...

EUVD-2022-47526

Malicious code in bioql PyPI...

CVE-2024-50542

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through = 1.3.1...

CVE-2022-4059

The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

CVE-2025-31539

Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...

WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Cryptocurrency Widgets Pack versions = 2.0.1...

CVE-2025-31539

Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...

CVE-2025-31539 WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cryptocurrency Widgets Pack: from n/a through 2.0.1...

CVE-2025-31539 WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through = 2.0.1...

CVE-2025-31539

CVE-2025-31539 concerns a Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack (WordPress). Affected: Blocksera Widgets Pack versions from n/a up to 2.0.1. Root cause: Incorrectly configured access control security levels leading to Missing Authorization. Impact: CVSS 3.1 ...

WordPress plugin Blocksera Cryptocurrency Widgets Pack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-50542

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through = 1.3.1...

CVE-2024-50542

CVE-2024-50542 is a DOM-based XSS in the WordPress plugin RLM Elementor Widgets Pack (Zach Silberstein) affecting versions up to 1.3.1. The issue arises from improper input handling during web page generation. Public sources in the connected documents confirm the vulnerability type (DOM-based XSS...

CVE-2024-50542 WordPress RLM Elementor Widgets Pack plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through = 1.3.1...

CVE-2024-50542 WordPress RLM Elementor Widgets Pack plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through = 1.3.1...

WordPress plugin RLM Elementor Widgets Pack 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-34320 · Unknown · Rlm Elementor Widgets Pack

Name of the Vulnerable Software and Affected Versions: RLM Elementor Widgets Pack versions 1.3.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can lead to cross-site scripting attacks...

WordPress RLM Elementor Widgets Pack plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin RLM Elementor Widgets Pack versions = 1.3.1...