434 matches found
PT-2024-30126 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.19 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Interactive Circle widget due to insufficient input sanitization a...
CVE-2021-34960
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2021-34960
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2021-34960 Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2021-34960
Foxit PDF Editor CVE-2021-34960: Use-after-free in Circle Annotation handling allows remote code execution when a user visits a malicious page or opens a malicious file. Root cause: missing validation of object existence before operations on Annotation objects, executing code in the current proce...
CVE-2024-3743
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...
CVE-2024-3728
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery & Interactive Circle widgets in all versions up to, and including, 5.9.15 due to insufficient...
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...
CVE-2024-3743 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...
WordPress Team Circle Image Slider With Lightbox Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Team Circle Image Slider With Lightbox Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2015-10130 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4e4875511ed9 Credit...
WordPress Plugin Team Circle Image Slider With Lightbox Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2021-46941
creationtimestamp| type| source ---|---|--- 2024-02-27 20:11:59+00:00| seen| https://t.me/ctinow/194817 2024-02-28 09:16:55+00:00| seen| https://t.me/ctinow/195218 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
CVE-2021-46925
creationtimestamp| type| source ---|---|--- 2024-02-27 11:32:06+00:00| seen| https://t.me/ctinow/194246 2024-02-27 19:11:56+00:00| seen| https://t.me/ctinow/194761 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
CVE-2024-21351
creationtimestamp| type| source ---|---|--- 2024-02-13 19:17:25+00:00| seen| https://t.me/ctinow/184062 2024-02-13 19:31:34+00:00| seen| https://t.me/ctinow/184064 2024-02-13 20:06:58+00:00| seen| https://t.me/ctinow/184119 2024-02-13 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e012...
CVE-2023-48301
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clickin...
CVE-2023-48301 Nextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clickin...
PT-2023-8886 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.12 Nextcloud Server versions 26.0.0 through 26.0.7 Nextcloud Server versions 27.0.0 through 27.1.2 Description: The issue is related to improper neutralization of input during web page generation,...
circle-mi.ch Cross Site Scripting vulnerability OBB-3754156
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Bubble Menu – circle floating menu Plugin < 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Bubble Menu – circle floating menu Type Plugin Vulnerable versions 3.0.5 Fixed in 3.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3650 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 29b436660257 Credits Dipak...
CVE-2023-2604
The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...