EUVD-2024-43334

Malicious code in bioql PyPI...

WordPress plugin Responsive Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2024-29106

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.16...

CVE-2024-49665

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1...

CVE-2024-51841

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abdul Awal Uzzal File Select Control For Elementor file-select-control-for-elementor allows DOM-Based XSS.This issue affects File Select Control For Elementor: from n/a through = 1.3...

CVE-2024-51927

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Asaduzzaman Abir Rig Elements For Elementor rig-elements allows DOM-Based XSS.This issue affects Rig Elements For Elementor: from n/a through = 1.0...

CVE-2025-39589 WordPress Essential Addons for Elementor <= 6.1.9 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Essential Addons for Elementor: from n/a through 6.1.9...

CVE-2025-39590 WordPress Essential Addons for Elementor plugin <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...

CVE-2025-32135 WordPress Split Test For Elementor plugin <= 1.8.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows Stored XSS.This issue affects Split Test For Elementor: from n/a through = 1.8.4...

CVE-2024-30533

Unrestricted Upload of File with Dangerous Type vulnerability in Techeshta Layouts for Elementor.This issue affects Layouts for Elementor: from n/a before 1.8...

WordPress Gold Addons for Elementor plugin <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation vulnerability

Missing Authorization to Authenticated Subscriber+ License Activation/Deactivation vulnerability discovered by BrokenAC ignore in WordPress Plugin Gold Addons for Elementor versions = 1.3.2...

Elementor < 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) in Image Box Widget

In the plugin, the image box widget includes/widgets/image-box.php accepts a ‘titlesize’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘savebuilder’ request containing JavaScript ...