285 matches found
WordPress ElementsKit Lite plugin < 3.7.9 - Unauthenticated Mailchimp REST Endpoint vulnerability
Unauthenticated Mailchimp REST Endpoint vulnerability discovered by Rahul Karne in WordPress Plugin ElementsKit Elementor addons Lite versions 3.7.9...
CVE-2026-23693
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor elementskit-lite WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API...
CVE-2026-23693
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor elementskit-lite WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API...
CVE-2026-23693
ElementsKit Lite (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose an unauthenticated REST endpoint at /wp-json/elementskit/v1/widget/mailchimp/subscribe. The endpoint accepts client-supplied Mailchimp credentials and inadequately validates parameters (including the list) when co...
CVE-2026-23693 ElementsKit Elementor Addons < 3.7.9 Unauthenticated Mailchimp REST Endpoint
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor elementskit-lite WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API...
CVE-2026-23693 ElementsKit Elementor Addons < 3.7.9 Unauthenticated Mailchimp REST Endpoint
ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor elementskit-lite WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API...
WordPress plugin ElementsKit Lite 访问控制错误漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
PT-2026-21554
Name of the Vulnerable Software and Affected Versions ElementsKit Lite WordPress plugin versions prior to 3.7.9 Description The ElementsKit Lite WordPress plugin versions prior to 3.7.9 exposes the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoi...
CVE-2024-2803
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
EUVD-2024-27747
Malicious code in bioql PyPI...
EUVD-2024-47551
Malicious code in bioql PyPI...
EUVD-2024-27009
Malicious code in bioql PyPI...
EUVD-2024-32899
Malicious code in bioql PyPI...
EUVD-2024-48060
Malicious code in bioql PyPI...
EUVD-2024-32177
Malicious code in bioql PyPI...
EUVD-2024-40645
Malicious code in bioql PyPI...
EUVD-2025-4703
Malicious code in bioql PyPI...
EUVD-2024-32229
Malicious code in bioql PyPI...
EUVD-2024-44034
Malicious code in bioql PyPI...
EUVD-2024-48061
Malicious code in bioql PyPI...