40 matches found
WordPress Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin <= 5.10.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Custom Gallery Widget vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Custom Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions <= 5.10.1...
WordPress Essential Addons for Elementor plugin <= 5.9.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Filterable Gallery & Interactive Circle vulnerability discovered by stealthcopter in WordPress Plugin Essential Addons for Elementor versions <= 5.9.15...
WordPress Essential Addons for Elementor plugin <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin Essential Addons for Elementor versions <= 6.0.3...
WordPress DethemeKit For Elementor plugin <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via De Gallery Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via De Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin DethemeKit For Elementor versions <= 2.1.8...
EUVD-2025-19947
Malicious code in bioql PyPI...
EUVD-2024-16378
Malicious code in bioql PyPI...
EUVD-2024-16939
Malicious code in bioql PyPI...
CVE-2025-28969
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cybio Gallery Widget gallery-widget allows SQL Injection. This issue affects Gallery Widget: from n/a through <= 1.2.1...
CVE-2025-28969
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cybio Gallery Widget gallery-widget allows SQL Injection. This issue affects Gallery Widget: from n/a through <= 1.2.1...
CVE-2025-28969
CVE-2025-28969 is a SQL Injection in the cybio/WP Gallery Widget up to and including version 1.2.1. The issue stems from improper neutralization of special elements in SQL commands for the Gallery Widget, enabling injection. Public details identify affected software as Gallery Widget versions ≤ 1.2...
CVE-2025-28969 WordPress Gallery Widget plugin <= 1.2.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cybio Gallery Widget allows SQL Injection. This issue affects Gallery Widget: from n/a through 1.2.1...
CVE-2025-28969 WordPress Gallery Widget plugin <= 1.2.1 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cybio Gallery Widget gallery-widget allows SQL Injection. This issue affects Gallery Widget: from n/a through <= 1.2.1...
PT-2025-27880 · Unknown · Cybio Gallery Widget
Name of the Vulnerable Software and Affected Versions: cybio Gallery Widget versions 1.2.1 and earlier Description: The issue is related to the improper neutralization of special elements used in an SQL command, also known as 'SQL Injection'. This allows for SQL Injection in the cybio Gallery...
WordPress plugin Gallery Widget SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
CVE-2024-3208
The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 1.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
CVE-2024-1171
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery Widget in all versions up to, and including, 5.9.8 due to insufficient input sanitization and...
CVE-2024-10310
The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Gallery Widget 'imagetitle' parameter in all versions up to, and including, 5.10.1 due to insufficient input...
CVE-2024-13644
The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13644 DethemeKit For Elementor <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via De Gallery Widget
The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2025-6591 · WordPress · Dethemekit For Elementor
Name of the Vulnerable Software and Affected Versions: DethemeKit For Elementor plugin for WordPress versions up to, and including, 2.1.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's De Gallery widget due to insufficient input sanitization and output escaping ...