CVE-2025-69374

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons ele-blog allows PHP Local File Inclusion.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through =...

CVE-2025-69374

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons ele-blog allows PHP Local File Inclusion.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through =...

CVE-2025-69374 WordPress Eleblog – Elementor Blog And Magazine Addons plugin <= 2.0.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons ele-blog allows PHP Local File Inclusion.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through =...

CVE-2025-69374 WordPress Eleblog – Elementor Blog And Magazine Addons plugin <= 2.0.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons ele-blog allows PHP Local File Inclusion.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through =...

CVE-2025-69374

CVE-2025-69374 is a Local File Inclusion vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons (ele-blog) affecting versions up to 2.0.3. The root cause is improper control of the filename for include/require in PHP, enabling inclusion of local files. Public disclosures in the co...

WordPress plugin Eleblog 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-21155

Name of the Vulnerable Software and Affected Versions SolverWp Eleblog – Elementor Blog And Magazine Addons versions through 2.0.3 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This...

WordPress Eleblog – Elementor Blog And Magazine Addons plugin <= 2.0.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Eleblog – Elementor Blog And Magazine Addons versions = 2.0.3...

EUVD-2024-34525

Malicious code in bioql PyPI...

EUVD-2024-33520

Malicious code in bioql PyPI...

CVE-2024-33945

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in solverwp.Com Eleblog – Elementor Blog And Magazine Addons allows Stored XSS.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through 1.8...

CVE-2024-10663

The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbyeformcallback function in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...

CVE-2024-10663 Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission

The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbyeformcallback function in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...

CVE-2024-10663

CVE-2024-10663 concerns Eleblog – Elementor Blog And Magazine Addons for WordPress (versions up to 1.8). A missing capability check in goodbye_form_callback() enables unauthenticated? no, this requires authenticated Subscriber+ access to modify data by submitting a deactivation reason. The CVE no...

CVE-2024-10663 Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission

The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbyeformcallback function in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...

WordPress plugin Eleblog 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-16439 · WordPress · Eleblog

Name of the Vulnerable Software and Affected Versions: Eleblog – Elementor Blog And Magazine Addons plugin for WordPress versions up to, and including, 1.8 Description: The issue is related to a missing capability check on the goodbye form callback function, allowing authenticated attackers with...

WordPress Eleblog – Elementor Blog And Magazine Addons plugin <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission vulnerability

Missing Authorization to Authenticated Subscriber+ Deactivation Submission vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Eleblog – Elementor Blog And Magazine Addons versions = 1.8...

Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...

CVE-2024-33945

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in solverwp.Com Eleblog – Elementor Blog And Magazine Addons allows Stored XSS.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through 1.8...