CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through 1.4.16...

5.9CVSS6.8AI score0.00093EPSS

Exploits0

RedhatCVE•added 2025/05/23 10:16 a.m.•4 views

CVE-2024-32456

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvoThemes Envo Extra allows Stored XSS.This issue affects Envo Extra: from n/a through 1.8.11...

6.5CVSS5.2AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:42 a.m.•5 views

CVE-2024-35167

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through 1.4.8...

6.5CVSS5.2AI score0.00163EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:32 a.m.•6 views

CVE-2024-50447

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce envo-elementor-for-woocommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a...

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:24 p.m.•5 views

CVE-2025-47471

Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through = 1.9.9...

4.3CVSS7.2AI score0.00168EPSS

Exploits0References1

NVD•added 2025/05/07 3:16 p.m.•5 views

CVE-2025-47471

4.3CVSS0.00168EPSS

Exploits0References1

CVE•added 2025/05/07 2:19 p.m.•40 views

CVE-2025-47471

CVE-2025-47471 concerns Envo Extra (WordPress)

4.3CVSS7.2AI score0.00168EPSS

Exploits0References1

Vulnrichment•added 2025/05/07 2:19 p.m.•9 views

CVE-2025-47471 WordPress Envo Extra <= 1.9.9 - Broken Access Control Vulnerability

Missing Authorization vulnerability in EnvoThemes Envo Extra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Envo Extra: from n/a through 1.9.9...

4.3CVSS4.6AI score0.00168EPSS

Exploits0References1

Cvelist•added 2025/05/07 2:19 p.m.•14 views

CVE-2025-47471 WordPress Envo Extra plugin <= 1.9.9 - Broken Access Control Vulnerability

4.3CVSS0.00168EPSS

Exploits0References1

NVD•added 2025/03/27 2:15 p.m.•2 views

CVE-2025-22770

Missing Authorization vulnerability in EnvoThemes Envo Multipurpose allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Multipurpose: from n/a through 1.1.6...

5.4CVSS0.00164EPSS

Exploits0References1

NVD•added 2024/10/28 6:15 p.m.•11 views

CVE-2024-50447

6.5CVSS0.00143EPSS

Exploits0References1

CVE•added 2024/10/28 5:57 p.m.•40 views

CVE-2024-50447

CVE-2024-50447 affects EnvoThemes Envo’s Elementor Templates & Widgets for WooCommerce (WordPress plugin). It is a Stored XSS vulnerability caused by improper input neutralization during page generation, affecting versions up to 1.4.19. Patch: update to 1.4.20 or later. The vulnerability details ...

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/10/28 5:57 p.m.•14 views

CVE-2024-50447 WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.19 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00143EPSS

Exploits0References1

Vulnrichment•added 2024/10/28 5:57 p.m.•8 views

CVE-2024-50447 WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.19 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.9AI score0.00143EPSS

Exploits0References1

NVD•added 2024/08/18 10:15 p.m.•12 views

CVE-2024-43292