15 matches found
EUVD-2024-53072
Malicious code in bioql PyPI...
EUVD-2021-34157
Malicious code in bioql PyPI...
CVE-2024-56275
Server-Side Request Forgery SSRF vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14...
CVE-2024-56275
Server-Side Request Forgery SSRF vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14...
CVE-2024-56275 WordPress Envato Elements plugin <= 2.0.14 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14...
CVE-2024-56275 WordPress Envato Elements plugin <= 2.0.14 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14...
CVE-2024-56275
CVE-2024-56275 is supported by connected sources as a Server-Side Request Forgery affecting Envato Elements (WordPress plugin) versions up to 2.0.14, with authenticated (Author+) access context. The linked ENISA/Red Hat/Wordfence entries confirm the vulnerability exists in Envato Elements
WordPress plugin Envato Elements 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress Envato Elements plugin <= 2.0.14 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Envato Elements versions = 2.0.14...
CVE-2021-4330
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to arbitrary file uploads due to insufficient validation of file type upon extracting uploaded Zip files in the installFreeTemplateKit and uploadTemplateKitZipFile functions. This makes it possible for...
CVE-2021-4330
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to arbitrary file uploads due to insufficient validation of file type upon extracting uploaded Zip files in the installFreeTemplateKit and uploadTemplateKitZipFile functions. This makes it possible for...
Input validation
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to arbitrary file uploads due to insufficient validation of file type upon extracting uploaded Zip files in the installFreeTemplateKit and uploadTemplateKitZipFile functions. This makes it possible for...
CVE-2021-4330
CVE-2021-4330 affects WordPress plugins “Template Kit – Import” (up to 1.0.13) and “Envato Elements & Download” (up to 2.0.10). The root cause is insufficient validation of file types during Zip extraction in the installFreeTemplateKit and uploadTemplateKitZipFileFile functions, enabling attacker...
CVE-2021-4330 Envato Elements <= 2.0.10 & Template Kit <= 1.0.13 - Authenticated (Contributor+) Arbitrary File Upload
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to arbitrary file uploads due to insufficient validation of file type upon extracting uploaded Zip files in the installFreeTemplateKit and uploadTemplateKitZipFile functions. This makes it possible for...
WordPress plugin Envato Elements 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...