PT-2026-20915

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.4.9 Description SPIP versions before 4.4.9 contain a Cross-Site Scripting XSS issue in the private area. A previous fix in SPIP 4.4.8 was incomplete, and the echappe anti xss function was not consistently applied to...

PT-2026-26583

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the netfilter subsystem related to nf tables. During transaction processing, multiple catchall elements may exist, including one active and one...

CVE-2025-69016

Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.15...

CVE-2025-68995

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

WordPress ElementsKit Elementor Addons and Templates plugin <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Widget vulnerability discovered by Hardik Raval in WordPress Plugin ElementsKit Elementor addons Lite versions = 3.5.2...

WordPress Generic Elements plugin <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin Generic Elements versions = 1.2.8...

WordPress Unlimited Elements For Elementor plugin <= 1.5.135 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.135...

EUVD-2025-205741

Missing Authorization vulnerability in Gal Dubinski My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

CVE-2025-68995

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

CVE-2025-69016 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.15...

CVE-2025-68995 WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

CVE-2025-68995

Technical details about CVE-2025-68995 are not provided in the supplied documents. The connected Wordfence report lists many vulnerabilities but does not disclose specifics for this CVE. Monitor for official advisories.

CVE-2025-68995 WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

PT-2025-53897

Name of the Vulnerable Software and Affected Versions averta Shortcodes and extra features for Phlox theme auxin-elements versions through 2.17.12 Description An authorization issue exists in averta Shortcodes and extra features for Phlox theme auxin-elements, allowing exploitation due to...

WordPress plugin My Sticky Elements 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-53884

Name of the Vulnerable Software and Affected Versions My Sticky Elements versions prior to 2.3.3 Description The software contains a missing authorization issue, allowing exploitation of incorrectly configured access control security levels. Recommendations Update My Sticky Elements to a version...

CVE-2025-68574

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...

WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin My Sticky Elements versions = 2.3.3...

EUVD-2025-205261

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...

CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...