Lucene search
K

434 matches found

ptsecurity
ptsecurity
added 2024/05/10 12:0 a.m.4 views

PT-2024-30126 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.19 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Interactive Circle widget due to insufficient input sanitization a...

6.4CVSS6.2AI score0.00343EPSS
Exploits0References6
nvd
nvd
added 2024/05/07 11:15 p.m.25 views

CVE-2021-34960

Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS8AI score0.00349EPSS
Exploits0References2
osv
osv
added 2024/05/07 11:15 p.m.3 views

CVE-2021-34960

Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS6.2AI score0.00349EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/07 10:54 p.m.34 views

CVE-2021-34960 Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS8.2AI score0.00349EPSS
Exploits0References2
cve
cve
added 2024/05/07 10:54 p.m.71 views

CVE-2021-34960

Foxit PDF Editor CVE-2021-34960: Use-after-free in Circle Annotation handling allows remote code execution when a user visits a malicious page or opens a malicious file. Root cause: missing validation of object existence before operations on Annotation objects, executing code in the current proce...

7.8CVSS8AI score0.00349EPSS
Exploits0References2Affected Software2
osv
osv
added 2024/05/02 5:15 p.m.6 views

CVE-2024-3743

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...

5.4CVSS6AI score0.00572EPSS
Exploits0References7
osv
osv
added 2024/05/02 5:15 p.m.6 views

CVE-2024-3728

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery & Interactive Circle widgets in all versions up to, and including, 5.9.15 due to insufficient...

6.4CVSS6AI score0.00557EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/05/02 4:52 p.m.13 views

CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...

6.4CVSS6.1AI score0.00572EPSS
Exploits0References7
cvelist
cvelist
added 2024/05/02 4:52 p.m.25 views

CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...

6.4CVSS6AI score0.00572EPSS
Exploits0References7
patchstack
patchstack
added 2024/03/13 12:0 a.m.17 views

WordPress Team Circle Image Slider With Lightbox Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Team Circle Image Slider With Lightbox Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2015-10130 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4e4875511ed9 Credit...

5.3CVSS6.6AI score0.00202EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2024/03/13 12:0 a.m.5 views

WordPress Plugin Team Circle Image Slider With Lightbox Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.3CVSS6.6AI score0.00202EPSS
Exploits0References3
circl
circl
added 2024/02/27 8:11 p.m.5 views

CVE-2021-46941

creationtimestamp| type| source ---|---|--- 2024-02-27 20:11:59+00:00| seen| https://t.me/ctinow/194817 2024-02-28 09:16:55+00:00| seen| https://t.me/ctinow/195218 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References3
circl
circl
added 2024/02/27 11:32 a.m.8 views

CVE-2021-46925

creationtimestamp| type| source ---|---|--- 2024-02-27 11:32:06+00:00| seen| https://t.me/ctinow/194246 2024-02-27 19:11:56+00:00| seen| https://t.me/ctinow/194761 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

4.7CVSS5.7AI score0.00173EPSS
Exploits0References3
circl
circl
added 2024/02/13 7:17 p.m.21 views

CVE-2024-21351

creationtimestamp| type| source ---|---|--- 2024-02-13 19:17:25+00:00| seen| https://t.me/ctinow/184062 2024-02-13 19:31:34+00:00| seen| https://t.me/ctinow/184064 2024-02-13 20:06:58+00:00| seen| https://t.me/ctinow/184119 2024-02-13 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e012...

7.6CVSS7.4AI score0.30344EPSS
Exploits0References11
nvd
nvd
added 2023/11/21 10:15 p.m.28 views

CVE-2023-48301

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clickin...

5.4CVSS0.0064EPSS
Exploits1References3
cvelist
cvelist
added 2023/11/21 9:26 p.m.32 views

CVE-2023-48301 Nextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clickin...

3.5CVSS5.6AI score0.0064EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2023/11/21 12:0 a.m.2 views

PT-2023-8886 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.12 Nextcloud Server versions 26.0.0 through 26.0.7 Nextcloud Server versions 27.0.0 through 27.1.2 Description: The issue is related to improper neutralization of input during web page generation,...

9.8CVSS5.3AI score0.01041EPSS
Exploits6References94
openbugbounty
openbugbounty
added 2023/10/18 9:33 p.m.11 views

circle-mi.ch Cross Site Scripting vulnerability OBB-3754156

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
patchstack
patchstack
added 2023/08/08 12:0 a.m.13 views

WordPress Bubble Menu – circle floating menu Plugin < 3.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Bubble Menu – circle floating menu Type Plugin Vulnerable versions 3.0.5 Fixed in 3.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3650 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 29b436660257 Credits Dipak...

4.8CVSS5.7AI score0.00636EPSS
Exploits2References3Affected Software1
osv
osv
added 2023/06/09 6:16 a.m.3 views

CVE-2023-2604

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

6.1CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder