WordPress Easy Elements for Elementor – Addons & Website Templates plugin <= 1.4.4 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Ankit Patel in WordPress Plugin Easy Elements for Elementor Addons & Website Templates versions = 1.4.4...

EUVD-2023-29015

Malicious code in bioql PyPI...

EUVD-2023-29438

Malicious code in bioql PyPI...

CVE-2023-25036

Cross-Site Request Forgery CSRF vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin = 1.6 versions...

CVE-2025-32581

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ankit Singla WordPress Spam Blocker cf7-manual-spam-blocker allows Stored XSS.This issue affects WordPress Spam Blocker: from n/a through = 2.0.5...

PT-2025-15796 · WordPress · Ankit Singla Wordpress Spam Blocker

Name of the Vulnerable Software and Affected Versions: Ankit Singla WordPress Spam Blocker versions 2.0.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

WordPress WidgetKit plugin <= 2.5.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ankit Patel in WordPress Plugin WidgetKit versions = 2.5.5...

WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Sensitive Data Exposure

Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8899 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a83345ae77b9 Credits Ankit Patel Required...

WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by Ankit Patel in WordPress Plugin Ultimate Bootstrap Elements for Elementor versions = 1.4.6...

WordPress Xpro Addons For Elementor plugin <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Elementor Template vulnerability discovered by Ankit Patel in WordPress Plugin Xpro Elementor Addons versions = 1.4.6...

WordPress Exclusive Addons Elementor Plugin <= 2.7.4 is vulnerable to Sensitive Data Exposure

Software Exclusive Addons Elementor Type Plugin Vulnerable versions = 2.7.4 Fixed in 2.7.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10312 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 925615829867 Credits Ankit Patel...

WordPress ElementInvader Addons for Elementor plugin <= 1.2.9 - Authenticated (Contributor+) Information Exposure vulnerability

Authenticated Contributor+ Information Exposure vulnerability discovered by Ankit Patel in WordPress Plugin ElementInvader Addons for Elementor versions = 1.2.9...

WordPress ElementInvader Addons for Elementor Plugin <= 1.2.9 is vulnerable to Sensitive Data Exposure

Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.3.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-9889 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7d169fa5766f Credits Ankit...

CVE-2023-46824

A vulnerability in Ankit Singla Slick Popup slick-popup.This issue affects Slick Popup: from n/a through = 1.7.14...

CVE-2023-25483

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ankit Agarwal, Priyanshu Mittal Easy Coming Soon plugin = 2.3 versions...

CVE-2023-25483 WordPress Easy Coming Soon Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ankit Agarwal, Priyanshu Mittal Easy Coming Soon plugin = 2.3 versions...

CVE-2023-25036

Cross-Site Request Forgery CSRF vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin = 1.6 versions...

CVE-2023-25036

Cross-Site Request Forgery CSRF vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin = 1.6 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin = 1.6 versions...

CVE-2023-25036

CVE-2023-25036 affects the WordPress Social Media Icons Widget plugin (≤1.6). The CSRF vulnerability allows unauthenticated users to exploit but no patch is publicly available (patch status is unpatched per multiple sources; PatchStack lists no fix). Affected plugin versions should be considered ...