Lucene search
K

5 matches found

EUVD
EUVD
added 2026/05/12 6:30 p.m.11 views

EUVD-2026-29551

Insufficient ownership checks in clientarea.php allow an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's resources and their cPanel account...

10CVSS5.8AI score0.00319EPSS
Exploits1References2
NVD
NVD
added 2026/05/12 6:16 p.m.9 views

CVE-2026-29204

Insufficient ownership check in clientarea.php allows an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's account...

9.1CVSS0.00319EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/12 5:46 p.m.35 views

CVE-2026-29204

Insufficient ownership check in clientarea.php allows an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's account...

9.1CVSS0.00319EPSS
Exploits1References1
OSV
OSV
added 2024/06/06 10:15 a.m.6 views

CVE-2024-5329

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to blind SQL Injection via the ‘dataaddonID’ parameter in all versions up to, and including, 1.5.109 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...

8.8CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.5 views

PT-2024-35713 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.109 Description: The issue is related to blind SQL Injection via the dataaddonID parameter due to insufficient escaping on the user-supplied paramete...

8.8CVSS7.4AI score0.00509EPSS
Exploits0References10
Rows per page
Query Builder