Lucene search
K

7328 matches found

EUVD
EUVD
added 2026/06/20 1:36 p.m.8 views

EUVD-2019-20199

WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the...

9.8CVSS5.9AI score0.00428EPSS
Exploits0References3
CVE
CVE
added 2026/06/20 1:36 p.m.22 views

CVE-2019-25763

WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability. An attacker can submit a POST to admin-ajax.php with the uabb-lf-google-submit action, a valid administrator email, and a valid nonce to obtain session cookies and authenticate as that user. CVSS...

9.8CVSS5.9AI score0.00428EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 6:17 a.m.13 views

CVE-2026-8118

The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wprgetcsvhandle helper introduced in version 1.7.1058 as part of the patch for CVE-2026-6229 falling back to...

6.5CVSS0.0024EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/19 4:31 a.m.14 views

EUVD-2026-37986

The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wprgetcsvhandle helper introduced in version 1.7.1058 as part of the patch for CVE-2026-6229 falling back to...

7.2CVSS5.9AI score0.00379EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 4:31 a.m.16 views

CVE-2026-8118

The CVE concerns the WordPress plugin Royal Addons for Elementor – Addons and Templates Kit for Elementor (versions 1.7.1058–1.7.1059). A flaw in wpr_get_csv_handle(), introduced in 1.7.1058, allows an authenticated attacker with Contributor+ privileges to cause Arbitrary File Read by abusing set...

6.5CVSS5.6AI score0.0024EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 4:31 a.m.35 views

CVE-2026-8118 Royal Addons for Elementor – Addons and Templates Kit for Elementor 1.7.1058 - 1.7.1059 - Authenticated (Contributor+) Arbitrary File Read via Data Table Widget CSV File Source

The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wprgetcsvhandle helper introduced in version 1.7.1058 as part of the patch for CVE-2026-6229 falling back to...

6.5CVSS0.0024EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50845

Name of the Vulnerable Software and Affected Versions The Royal Addons for Elementor – Addons and Templates Kit for Elementor versions 1.7.1058 through 1.7.1059 Description An arbitrary file read issue exists due to the wpr get csv handle helper function. When the settings.table upload csv.url...

6.5CVSS6AI score0.0024EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/06/18 4:21 p.m.6 views

WordPress Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin 1.7.1058-1.7.1059 - Authenticated (Contributor+) Arbitrary File Read vulnerability

Authenticated Contributor+ Arbitrary File Read vulnerability discovered by Jack Taylor in WordPress Plugin Royal Elementor Addons versions 1.7.1058-1.7.1059...

6.5CVSS5.3AI score0.0024EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37590

Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2025-210224

Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...

9.9CVSS5.2AI score0.00447EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2025-210223

Unauthenticated PHP Object Injection in ThemeREX Addons = 2.36.1.1 versions...

9.8CVSS5.3AI score0.00525EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 2:17 p.m.9 views

CVE-2026-40720

Unauthenticated Cross Site Scripting XSS in Royal Elementor Addons Pro 1.7.1041 versions...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-39597

Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...

7.1CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.9 views

CVE-2025-60205

Unauthenticated PHP Object Injection in ThemeREX Addons = 2.36.1.1 versions...

9.8CVSS0.00525EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.7 views

CVE-2025-60218

Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...

9.9CVSS0.00447EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 12:47 p.m.11 views

EUVD-2026-37692

Unauthenticated Cross Site Scripting XSS in Royal Elementor Addons Pro 1.7.1041 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.35 views

CVE-2026-39597 WordPress WPZOOM Addons for Elementor plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.27 views

CVE-2025-60218 WordPress PT Luxa Addons Plugin <= 1.2.2 - Arbitrary File Upload Vulnerability

Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...

9.9CVSS0.00447EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.15 views

CVE-2025-60218

CVE-2025-60218 concerns the WordPress plugin “PT Luxa Addons” (versions

9.9CVSS5.2AI score0.00447EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.8 views

CVE-2025-60205

The CVE-2025-60205 entry concerns WordPress ThemeREX Addons plugin version

9.8CVSS5.3AI score0.00525EPSS
Exploits0References1
Rows per page
Query Builder