Lucene search
+L

94 matches found

cve
cve
added 2024/05/08 9:12 a.m.63 views

CVE-2024-34572

The CVE-2024-34572 entry concerns the WordPress plugin Fancy Elementor Flipbox (ThemePrix Fancy Elementor Flipbox). Affected component: the plugin’s input handling in web page generation, leading to Stored Cross-Site Scripting (XSS). Impact is described as Stored XSS with low severity metrics (CV...

6.5CVSS5.2AI score0.00238EPSS
Exploits0References1
cvelist
cvelist
added 2024/05/08 9:12 a.m.45 views

CVE-2024-34572 WordPress Fancy Elementor Flipbox plugin <= 2.4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemePrix Fancy Elementor Flipbox fancy-elementor-flipbox allows Stored XSS.This issue affects Fancy Elementor Flipbox: from n/a through 2.4.2...

6.5CVSS6.6AI score0.00238EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/05/08 12:0 a.m.14 views

PT-2024-25988 · Unknown · Themeprix Fancy Elementor Flipbox

Name of the Vulnerable Software and Affected Versions: ThemePrix Fancy Elementor Flipbox versions through 2.4.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS. Recommendations: For...

6.5CVSS6.9AI score0.00238EPSS
Exploits0References6
cnnvd
cnnvd
added 2024/05/08 12:0 a.m.6 views

WordPress plugin Fancy Elementor Flipbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6.1AI score0.00238EPSS
Exploits0References2
patchstack
patchstack
added 2024/05/07 11:26 a.m.7 views

WordPress Fancy Elementor Flipbox plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Fancy Elementor Flipbox versions = 2.5.2...

6.5CVSS6.1AI score0.00238EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/05/07 12:0 a.m.13 views

WordPress Fancy Elementor Flipbox Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34572 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6fdd1efa32f5 Credits Khalid Yusuf Required privileg...

6.5CVSS6.6AI score0.00238EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2024/05/02 5:15 p.m.17 views

CVE-2024-2349

The Fancy Elementor Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Fancy Elementor Flipbox widget in all versions up to, and including, 2.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00428EPSS
Exploits0References3
cve
cve
added 2024/05/02 4:52 p.m.49 views

CVE-2024-2349

CVE-2024-2349 affects Fancy Elementor Flipbox for WordPress (all versions up to 2.4.2) with Stored XSS via the Fancy Elementor Flipbox widget. Root cause is insufficient input sanitization/output escaping. Exploitation requires authentication at contributor level or higher, enabling injection of ...

6.4CVSS6AI score0.00428EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/05/02 12:0 a.m.9 views

PT-2024-19896 · WordPress · Fancy Elementor Flipbox

Name of the Vulnerable Software and Affected Versions: Fancy Elementor Flipbox plugin for WordPress versions up to, and including, 2.4.2 Description: The issue is related to Stored Cross-Site Scripting via the Fancy Elementor Flipbox widget due to insufficient input sanitization and output...

6.4CVSS6AI score0.00428EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/05/02 12:0 a.m.7 views

WordPress plugin Fancy Elementor Flipbox 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6AI score0.00428EPSS
Exploits0References3
patchstack
patchstack
added 2024/04/30 7:44 a.m.9 views

WordPress Fancy Elementor Flipbox plugin <= 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Elementor Flipbox Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Fancy Elementor Flipbox Widget vulnerability discovered by Francesco Carlucci in WordPress Plugin Fancy Elementor Flipbox versions = 2.5.1...

6.4CVSS5.8AI score0.00428EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/04/30 12:0 a.m.9 views

WordPress Fancy Elementor Flipbox Plugin <= 2.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.1 Fixed in 2.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2349 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd388fab11b8 Credits Francesco Carluc...

6.4CVSS5.8AI score0.00428EPSS
Exploits0References3Affected Software1
patchstack
patchstack
added 2023/07/19 12:0 a.m.7 views

WordPress WN Flipbox Pro Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS)

Software WN Flipbox Pro Type Plugin Vulnerable versions = 1.15 Fixed in 2.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ef85e7e1358f Credits Rafie Muhammad Patchstack Required...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
osv
osv
added 2023/03/28 8:15 a.m.3 views

CVE-2022-45831

Unauth. Reflected Cross-Site Scripting XSS vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin = 2.8 versions...

6.1CVSS5.8AI score0.00408EPSS
Exploits0References1
cve
cve
added 2023/03/28 7:15 a.m.47 views

CVE-2022-45831

CVE-2022-45831 affects the WordPress plugin Image Hover Effects – Caption Hover with Carousel (biplob018 Image Hover Effects for Elementor With Lightbox and Flipbox) versions

7.1CVSS6AI score0.00408EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/03/28 7:15 a.m.24 views

CVE-2022-45831 WordPress Image Hover Effects - Caption Hover with Carousel Plugin <= 2.8 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin = 2.8 versions...

7.1CVSS6.4AI score0.00408EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/03/28 12:0 a.m.7 views

PT-2023-14774 · WordPress · Biplob018 Image Hover Effects For Elementor With Lightbox/Flipbox

Name of the Vulnerable Software and Affected Versions: biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox plugin versions = 2.8 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for reflected cross-site...

7.1CVSS6.1AI score0.00408EPSS
Exploits0References4
wpvulndb
wpvulndb
added 2023/02/02 12:0 a.m.15 views

Image Hover Effects for Elementor with Lightbox and Flipbox < 3.0 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00408EPSS
Exploits0Affected Software1
nvd
nvd
added 2022/07/25 6:23 p.m.31 views

CVE-2022-33969

Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin = 2.6.0 at WordPress...

7.2CVSS0.00976EPSS
Exploits0References2
osv
osv
added 2022/07/25 6:23 p.m.4 views

CVE-2022-33969

Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin = 2.6.0 at WordPress...

7.2CVSS5.8AI score0.00976EPSS
Exploits0References2
Rows per page
Query Builder