Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.3 views

CVE-2024-3547

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'googleconnecterror' parameter in all versions up to, and including, 1.5.102 due to insufficient input sanitization and output escaping. This makes it...

6.1CVSS6AI score0.00397EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/24 4:55 a.m.4 views

Malicious code in google-connect (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b73909cac81405458f9e1a50331aa80aed75bf630379f2eebdb3d06801457d56 The OpenSSF Package Analysis project identified 'google-connect' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSV
added 2025/01/24 4:55 a.m.2 views

MAL-2025-479 Malicious code in google-connect (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b73909cac81405458f9e1a50331aa80aed75bf630379f2eebdb3d06801457d56 The OpenSSF Package Analysis project identified 'google-connect' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

WordPress plugin Unlimited Elements For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.1CVSS6AI score0.00397EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.4 views

PT-2024-26511 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.102 Description: The issue allows unauthenticated attackers to inject arbitrary web scripts in pages due to insufficient input sanitization and outpu...

6.1CVSS7.4AI score0.00397EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2015/06/24 12:0 a.m.40 views

WordPress Nextend Twitter Connect 1.5.1 Cross Site Scripting

Wordpress “Nextend Twitter Connect” =================================== Document Title: =============== WordPress “Nextend Twitter Connect” Plugin Version: 1.5.1 is vulnerable to Reflected XSS Cross Site Scripting Download URL: ============= https://wordpress.org/plugins/nextend-twitter-connect/...

6.4AI score0.0196EPSS
Exploits2
Rows per page
Query Builder