Lucene search
+L

5 matches found

Circl
Circl
added 2025/04/12 8:51 a.m.13 views

CVE-2025-1456

creationtimestamp| type| source ---|---|--- 2025-04-12 08:51:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11551 2025-04-12 12:12:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmmiyofvy62v 2025-04-12 12:30:52+00:00| seen| https://t.me/cvedetector/22799...

6.4CVSS8.7AI score0.00262EPSS
Exploits0References3
CVE
CVE
added 2025/04/12 8:22 a.m.94 views

CVE-2025-1456

The CVE-2025-1456 entry affects Royal Elementor Addons and Templates for WordPress (Royal Elementor Addons and Templates) with Stored XSS via widgetGrid, widgetCountDown, and widgetInstagramFeed in versions up to 1.7.1012 due to insufficient input sanitization and output escaping. Exploitation re...

6.4CVSS5.8AI score0.00262EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/04/12 8:22 a.m.32 views

CVE-2025-1456 Royal Elementor Addons and Templates <= 1.7.1012 - Authenticated DOM-Based (Contributor+) Stored Cross-Site Scripting

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widgetGrid, widgetCountDown, and widgetInstagramFeed methods in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/12 8:22 a.m.7 views

CVE-2025-1456 Royal Elementor Addons and Templates <= 1.7.1012 - Authenticated DOM-Based (Contributor+) Stored Cross-Site Scripting

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widgetGrid, widgetCountDown, and widgetInstagramFeed methods in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.8AI score0.00262EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/04/11 9:36 p.m.9 views

WordPress Royal Elementor Addons plugin <= 1.7.1012 - Authenticated DOM-Based (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated DOM-Based Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Royal Elementor Addons versions = 1.7.1012...

6.4CVSS6.3AI score0.00262EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder