Lucene search
+L

5 matches found

Patchstack
Patchstack
added 2025/04/23 11:1 a.m.9 views

WordPress UiCore Elements plugin <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin UiCore Elements versions = 1.0.16...

6.4CVSS6.3AI score0.00216EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/04/23 10:15 a.m.18 views

CVE-2025-1054

The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the UI Counter, UI Icon Box, UI Testimonial Slider, UI Testimonial Grid, and UI Testimonial Carousel widgets in all versions up to, and including, 1.0.16 due to...

6.4CVSS0.00216EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/23 9:23 a.m.22 views

CVE-2025-1054 UiCore Elements – Free Elementor widgets and templates <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the UI Counter, UI Icon Box, UI Testimonial Slider, UI Testimonial Grid, and UI Testimonial Carousel widgets in all versions up to, and including, 1.0.16 due to...

6.4CVSS0.00216EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/23 9:23 a.m.4 views

CVE-2025-1054 UiCore Elements – Free Elementor widgets and templates <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the UI Counter, UI Icon Box, UI Testimonial Slider, UI Testimonial Grid, and UI Testimonial Carousel widgets in all versions up to, and including, 1.0.16 due to...

6.4CVSS5.9AI score0.00216EPSS
Exploits0References2
CVE
CVE
added 2025/04/23 9:23 a.m.61 views

CVE-2025-1054

CVE-2025-1054 affects UiCore Elements – Free Elementor widgets and templates (WordPress). The vulnerability is Stored Cross-Site Scripting via the UI Counter, UI Icon Box, UI Testimonial Slider, UI Testimonial Grid, and UI Testimonial Carousel widgets in all versions up to 1.0.16. Root cause: ins...

6.4CVSS5.8AI score0.00216EPSS
Exploits0References2
Rows per page
Query Builder