16 matches found
CVE-2024-2252
The Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.1.5 due to insufficient input sanitization and output escaping on user supplied...
EUVD-2024-19732
Malicious code in bioql PyPI...
EUVD-2024-27208
Malicious code in bioql PyPI...
CVE-2024-2252
The Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.1.5 due to insufficient input sanitization and output escaping on user supplied...
Cross site scripting
The Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.1.5 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-2252
CVE-2024-2252 refers to a stored XSS in the Droit Elementor Addons plugin for WordPress (versions up to 3.1.5). The vulnerability stems from insufficient input sanitization and output escaping on user-supplied attributes (e.g., URL) in the plugin’s widgets. Exploitation requires authentication at...
WordPress Plugin Droit Elementor Addons Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
PT-2024-19463 · WordPress · The Droit Elementor Addons
Name of the Vulnerable Software and Affected Versions: The Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder plugin for WordPress versions up to, and including, 3.1.5 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input...
WordPress Droit Elementor Addons Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Droit Elementor Addons Type Plugin Vulnerable versions = 3.1.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2252 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bcd3705192b1 Credits Francesco Carlucci...
CVE-2024-22136
Cross-Site Request Forgery CSRF vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5...
CVE-2024-22136
Cross-Site Request Forgery CSRF vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5...
CVE-2024-22136 WordPress Droit Elementor Addons Plugin <= 3.1.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5...
CVE-2024-22136 WordPress Droit Elementor Addons Plugin <= 3.1.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5...
WordPress plugin Droit Elementor Addons Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2024-19222 · Unknown · The Droit Elementor Addons
Name of the Vulnerable Software and Affected Versions: Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder versions 3.1.5 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the specified software. This type of issue allows an attacker to perform...
WordPress Droit Elementor Addons Plugin <= 3.1.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software Droit Elementor Addons Type Plugin Vulnerable versions = 3.1.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-22136 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4b9fed982ddc Credits Elliot Require...