Lucene search
K

1067 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.3 views

CVE-2026-23543 WordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through = 6.5.5...

5.3CVSS5.9AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.26 views

CVE-2026-23543 WordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through = 6.5.5...

5.3CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.7 views

CVE-2026-23543

CVE-2026-23543 affects WPDeveloper Essential Addons for Elementor Lite (upto and including version 6.5.5). The root cause is Missing Authorization due to incorrectly configured access control, described as a Broken Access Control vulnerability. The NVD/Red Hat/CVE records consistently note this i...

5.3CVSS5.5AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20661

Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through = 6.5.5...

5.5AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.9 views

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

5.3CVSS5.8AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/15 1:28 p.m.9 views

CVE-2026-1512

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Info Box widget in all versions up to, and including, 6.5.9 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.7AI score0.00218EPSS
Exploits1References1
NVD
NVD
added 2026/02/14 10:16 a.m.18 views

CVE-2026-1512

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Info Box widget in all versions up to, and including, 6.5.9 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS0.00218EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/14 9:49 a.m.34 views

CVE-2026-1512 Essential Addons for Elementor <= 6.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Box Widget

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Info Box widget in all versions up to, and including, 6.5.9 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS0.00218EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/14 9:49 a.m.9 views

CVE-2026-1512

The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Info Box widget in all versions up to, and including, 6.5.9 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.7AI score0.00218EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.10 views

WordPress plugin Essential Addons for Elementor – Popular Elementor Templates & Widgets 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00218EPSS
Exploits1References2
Patchstack
Patchstack
added 2026/02/13 11:54 p.m.11 views

WordPress Essential Addons for Elementor plugin <= 6.5.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Box Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Info Box Widget vulnerability discovered by knani alaaeddine iwd in WordPress Plugin Essential Addons for Elementor versions = 6.5.9...

6.4CVSS5.4AI score0.00218EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/06 7:7 a.m.14 views

CVE-2026-0867

The Essential Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.6AI score0.00279EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/06 6:17 a.m.11 views

WordPress Essential Blocks plugin < 4.4.3 - Unauthenticated Local File Inclusion vulnerability

Unauthenticated Local File Inclusion vulnerability discovered by Marc Montpas in WordPress Plugin Essential Blocks for Gutenberg versions 4.4.3...

9.8CVSS8.3AI score0.50673EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2026/02/05 6:47 a.m.26 views

CVE-2026-0867 Essential Widgets <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

The Essential Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS0.00279EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/05 6:47 a.m.5 views

CVE-2026-0867

The Essential Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.6AI score0.00279EPSS
Exploits0References4
CVE
CVE
added 2026/02/05 6:47 a.m.35 views

CVE-2026-0867

CVE-2026-0867 affects the WordPress Essential Widgets plugin (versions up to and including 3.0). The issue is Stored Cross-Site Scripting in the ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes caused by insufficient input sanitization and output escaping on user-supplied attri...

6.4CVSS5.6AI score0.00279EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/05 6:47 a.m.4 views

CVE-2026-0867 Essential Widgets <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes

The Essential Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.6AI score0.00279EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.10 views

PT-2026-6024

Name of the Vulnerable Software and Affected Versions Essential Widgets plugin for WordPress versions up to and including 3.0 Description The Essential Widgets plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping on...

6.4CVSS5.7AI score0.00279EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.7 views

WordPress plugin Essential Widgets 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.00279EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/02/04 10:25 p.m.10 views

WordPress Essential Widgets plugin <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Shortcodes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Essential Widgets versions = 3.0...

6.4CVSS5.3AI score0.00279EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder