Lucene search
K

76 matches found

Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.6 views

PT-2025-12016

Name of the Vulnerable Software and Affected Versions: Age Gate plugin for WordPress versions up to, and including, 3.5.3 Description: The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion via the lang parameter. This allows unauthenticated attackers to include and execute...

9.8CVSS7.2AI score0.01229EPSS
Exploits0References18
Patchstack
Patchstack
added 2025/03/19 7:49 p.m.5 views

WordPress Age Gate plugin <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang' vulnerability

Unauthenticated Local PHP File Inclusion via 'lang' vulnerability discovered by mikemyers in WordPress Plugin Age Gate versions = 3.5.3...

9.8CVSS8.9AI score0.01229EPSS
Exploits0References1Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/03/19 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-2505

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in...

9.8CVSS6.2AI score0.01229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:37 a.m.7 views

CVE-2024-5091

The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

7.4CVSS5.8AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2024/11/02 2:15 a.m.14 views

CVE-2024-9868

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate Widget 'url' parameter in all versions up to, and including, 5.10.1 due to insufficient input sanitization a...

5.4CVSS0.00256EPSS
Exploits0References2
OSV
OSV
added 2024/11/02 2:15 a.m.3 views

CVE-2024-9868

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate Widget 'url' parameter in all versions up to, and including, 5.10.1 due to insufficient input sanitization a...

5.4CVSS5.9AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/02 2:3 a.m.20 views

CVE-2024-9868 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate Widget 'url' parameter in all versions up to, and including, 5.10.1 due to insufficient input sanitization a...

5.4CVSS0.00256EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/02 12:0 a.m.4 views

WordPress plugin Element Pack Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.9AI score0.00256EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.4 views

PT-2024-39900 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.10.1 Description: The issue is related to Stored Cross-Site Scripting via the url parameter in the Age Gate Widget, caused by insufficient input...

5.4CVSS6.2AI score0.00256EPSS
Exploits0References10
OSV
OSV
added 2024/06/08 7:15 a.m.3 views

CVE-2024-5091

The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

5.4CVSS5.9AI score0.00298EPSS
Exploits0References2
CVE
CVE
added 2024/06/08 6:54 a.m.55 views

CVE-2024-5091

The vulnerability CVE-2024-5091 affects the SKT Addons for Elementor WordPress plugin. It allows Stored Cross-Site Scripting via the Age Gate and Creative Slider widgets in all versions up to and including 2.0. The issue arises from insufficient input sanitization and output escaping on user-supp...

7.4CVSS6.5AI score0.00298EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.4 views

WordPress plugin SKT Addons for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.4CVSS6.1AI score0.00298EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.5 views

PT-2024-34452 · WordPress · Skt Addons For Elementor

Name of the Vulnerable Software and Affected Versions: SKT Addons for Elementor plugin for WordPress versions up to, and including, 2.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets due to insufficient input sanitization and...

7.4CVSS5.9AI score0.00298EPSS
Exploits0References8
NVD
NVD
added 2024/05/14 3:20 p.m.17 views

CVE-2024-2785

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.9AI score0.00333EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:20 p.m.7 views

CVE-2024-2785

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

5.4CVSS6AI score0.00333EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

WordPress plugin The Plus Addons for Elementor 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...

6.4CVSS6AI score0.00333EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/09 8:3 p.m.15 views

CVE-2024-2785 The Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/09 8:3 p.m.22 views

CVE-2024-2785 The Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate

The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6AI score0.00333EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/09 12:0 a.m.8 views

PT-2024-22080 · WordPress · The Plus Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor plugin for WordPress versions up to, and including, 5.4.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the Age Gate widget, allowing...

6.4CVSS7.3AI score0.00333EPSS
Exploits0References5
WPVulnDB
WPVulnDB
added 2024/05/07 12:0 a.m.24 views

The Plus Addons for Elementor < 5.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate

Description The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.9AI score0.00333EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder