33 matches found
WordPress ElementsKit Elementor Addons and Templates plugin <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Custom Widget vulnerability discovered by Hardik Raval in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.5.2...
EUVD-2021-11172
Malware in sbrugna...
EUVD-2024-36534
Malicious code in bioql PyPI...
EUVD-2023-43686
Malicious code in bioql PyPI...
CVE-2024-32505
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roxnor ElementsKit Elementor addons Lite elementskit-lite.This issue affects ElementsKit Elementor addons Lite: from n/a through = 3.0.6...
CVE-2023-39993
Missing Authorization vulnerability in Wpmet Elements kit Elementor addons.This issue affects Elements kit Elementor addons: from n/a through 2.9.0...
CVE-2021-24258
The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
WordPress ElementsKit Elementor addons plugin <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Image Accordion Widget vulnerability discovered by Webbernaut in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.4.0...
CVE-2024-37255
Missing Authorization vulnerability in Wpmet Elements kit Elementor addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elements kit Elementor addons: from n/a through 3.1.4...
CVE-2024-37255
Missing Authorization vulnerability in Roxnor ElementsKit Elementor addons Lite elementskit-lite.This issue affects ElementsKit Elementor addons Lite: from n/a through = 3.1.4...
WordPress plugin Elements kit Elementor addons 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Elements kit Elementor addons Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8546 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 43112ffb0d64 Credits zer0gh0st Required...
WordPress Elements kit Elementor addons Plugin <= 3.2.0 is vulnerable to Sensitive Data Exposure
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.2.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6455 Patch priority Low CVSS severity Low 5.3 Developer Wpmet PSID b000113e05e5 Credits stealthcopter Required...
WordPress Elements kit Elementor addons Plugin <= 3.1.4 is vulnerable to Broken Access Control
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.1.4 Fixed in 3.2.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37255 Patch priority Low CVSS severity Low 5.3 Developer Wpmet PSID b0cbfbfccc4f Credits Rafie Muhammad Patchstack...
CVE-2023-39993
Missing Authorization vulnerability in Wpmet Elements kit Elementor addons.This issue affects Elements kit Elementor addons: from n/a through 2.9.0...
WordPress plugin Elements kit Elementor addons security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Elements kit Elementor addons Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3650 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 4df1a764f7bd Credits wesley wcraft Requir...
CVE-2024-32505
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpmet Elements kit Elementor addons allows Stored XSS.This issue affects Elements kit Elementor addons: from n/a through 3.0.6...
CVE-2024-32505
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roxnor ElementsKit Elementor addons Lite elementskit-lite.This issue affects ElementsKit Elementor addons Lite: from n/a through = 3.0.6...
PT-2024-24622 · Unknown · Wpmet Elements Kit Elementor Addons
Name of the Vulnerable Software and Affected Versions: Wpmet Elements kit Elementor addons versions 3.0.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means an attack...