CVE-2026-1314

The CVE-2026-1314 entry concerns the WordPress plugin “3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery”. It is vulnerable due to a missing capability check in send_post_pages_json() across all versions up to and including 1.16.17, allowing unauthenticated attackers to retr...

CVE-2026-1004

The Essential Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 6.5.5 via the 'eaelproductquickviewpopup' function. This makes it possible for unauthenticated attackers to retrieve WooCommerce product information for...

PT-2025-2071 · WordPress · Ht Event – Wordpress Event Manager Plugin For Elementor

Name of the Vulnerable Software and Affected Versions: The HT Event – WordPress Event Manager Plugin for Elementor plugin for WordPress versions up to, and including, 1.4.7 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private,...

PT-2024-39687 · WordPress · Sky Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Sky Addons for Elementor plugin for WordPress versions up to, and including, 2.6.1 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private, pending, and draft Elementor...

CVE-2024-8516

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.1 via the render function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract limited post information from...

MGASA-2015-0464 Updated moodle packages fix security vulnerability

In Moodle before 2.8.9, if guest access is open on the site, unauthenticated users can store Atto draft data through the editor autosave area, which could be exploited in a denial of service attack CVE-2015-5332. In Moodle before 2.8.9, due to a CSRF issue in the site registration form, it is...