EUVD-2024-43536

Malicious code in bioql PyPI...

EUVD-2024-29174

Malicious code in bioql PyPI...

EUVD-2023-52793

Malicious code in bioql PyPI...

CVE-2025-30948

Cross-Site Request Forgery CSRF vulnerability in Giraphix Creative Layouts for Elementor layouts-for-elementor allows Cross Site Request Forgery.This issue affects Layouts for Elementor: from n/a through = 1.11...

CVE-2025-30948

CVE-2025-30948: A CSRF vulnerability exists in Layouts for Elementor (Giraphix Creative Layouts for Elementor) affecting Version 1.11 and earlier. The issue allows CSRF due to insufficient anti-CSRF protection in requests that can modify state on affected endpoints. Current details from Red Hat (...

CVE-2025-31636

CVE-2025-31636 is a reflected Cross-Site Scripting vulnerability in the WordPress plugin “WP Post Modules for Elementor.” Affected versions are up to and including 2.5.0. The issue arises from improper input neutralization during web page generation. Evidence from multiple sources confirms the vu...

CVE-2024-43123

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Techeshta Card Elements for Elementor allows Stored XSS.This issue affects Card Elements for Elementor: from n/a through 1.2.2...

CVE-2024-37547

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a through 8.4.0...

CVE-2024-31278

Insertion of Sensitive Information Into Sent Data vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through = 4.10.22...

CVE-2024-29920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.2.9...

CVE-2024-35660

Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1...

CVE-2024-51674

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fast Themes Sastra Essential Addons for Elementor sastra-essential-addons-for-elementor allows DOM-Based XSS.This issue affects Sastra Essential Addons for Elementor: from n/a through = 1.0.5...

CVE-2024-51675

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite allows DOM-Based XSS.This issue affects aThemes Addons for Elementor: from n/a through = 1.0.7...

CVE-2025-39589

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Retrieve Embedded Sensitive Data.This issue affects Essential Addons for Elementor: from n/a through = 6.1.9...

CVE-2025-39546

Cross-Site Request Forgery CSRF vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite allows Cross Site Request Forgery.This issue affects ElementsReady Addons for Elementor: from n/a through = 6.6.2...

CVE-2025-46260

CVE-2025-46260 is a stored cross-site scripting (XSS) vulnerability in the WordPress plugin “Sky Addons for Elementor.” The issue arises from improper input neutralization during web page generation, enabling stored XSS. Affected products/versions: Sky Addons for Elementor versions n/a through 3....

CVE-2025-32158

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Syed Balkhi aThemes Addons for Elementor athemes-addons-for-elementor-lite.This issue affects aThemes Addons for Elementor: from n/a through = 1.1.3...

CVE-2025-22646

CVE-2025-22646 concerns the WordPress plugin aThemes Addons for Elementor (affected: versions up to 1.0.8). The vulnerability is a Stored Cross-Site Scripting (XSS) due to improper input neutralization during web page generation. The impact is stored XSS that could allow attackers to inject and e...

CVE-2024-56221 WordPress WPMozo Addons Lite for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elicus WPMozo Addons Lite for Elementor wpmozo-addons-lite-for-elementor allows Stored XSS.This issue affects WPMozo Addons Lite for Elementor: from n/a through = 1.2.0...

CVE-2024-54212

CVE-2024-54212 (WordPress Magical Addons For Elementor) Stored XSS due to improper input neutralization during web page generation. Affected plugin: Magical Addons For Elementor (Header/Footer Builder, Free Elementor Widgets, Elementor Templates Library) up to version 1.2.6 (per CVE description)....