EUVD-2024-44176

Malicious code in bioql PyPI...

EUVD-2025-2997

Malicious code in bioql PyPI...

CVE-2025-22788

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through = 4.29...

CVE-2024-4371

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recentlyviewedproducts cookie. This makes it...

CVE-2025-22788

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through = 4.29...

CVE-2025-22788 WordPress CoDesigner plugin <= 4.29 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through = 4.29...

CVE-2024-4371

CVE-2024-4371 applies to the WordPress plugin “CoDesigner – Elementor Addon for WooCommerce” (CoDesigner WooCommerce Builder for Elementor). It describes an unauthenticated PHP Object Injection in versions up to 4.4.1 caused by deserialization of untrusted input from the recently_viewed_products ...

CVE-2024-4371 CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More <= 4.4.1 - Unauthenticated PHP Object Injection

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recentlyviewedproducts cookie. This makes it...

CVE-2024-4371 CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More <= 4.4.1 - Unauthenticated PHP Object Injection

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recentlyviewedproducts cookie. This makes it...

CVE-2024-4564

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Shop Slider, Tabs Classic, and Image Comparison widgets in all versions up to, and including, 4.4.1 due to...

CVE-2024-4564 CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More <= 4.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Shop Slider, Tabs Classic, and Image Comparison widgets in all versions up to, and including, 4.4.1 due to...

CVE-2024-4564

CVE-2024-4564 affects CoDesigner – Elementor Addon for WooCommerce (WordPress) up to version 4.4.1. A stored XSS vulnerability exists in multiple widgets (Shop Slider, Tabs Classic, Image Comparison) due to insufficient input sanitization/output escaping. Exploitation requires at least Contributo...

WordPress CoDesigner WooCommerce Builder for Elementor Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)

Software CoDesigner WooCommerce Builder for Elementor Type Plugin Vulnerable versions = 4.4.1 Fixed in 4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4564 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 753df9e18976 Credi...