CVE-2025-11820

The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widgets in all versions up to, and including, 3.1.8 due to insufficient input sanitization and output escaping on data attributes. This makes it possible for authenticat...

CVE-2025-11820 Graphina – Elementor Charts and Graphs <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets

The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widgets in all versions up to, and including, 3.1.8 due to insufficient input sanitization and output escaping on data attributes. This makes it possible for authenticat...

CVE-2025-11820

CVE-2025-11820 concerns the Graphina – Elementor Charts and Graphs plugin for WordPress, affected up to version 3.1.8. The issue is a Stored Cross‑Site Scripting (XSS) vulnerability caused by insufficient input sanitization and output escaping on data attributes, enabling an authenticated attacke...

WordPress Graphina plugin <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Chart Widgets vulnerability discovered by Webbernaut in WordPress Plugin Graphina versions = 3.1.8...

PT-2025-45097

Name of the Vulnerable Software and Affected Versions Graphina – Elementor Charts and Graphs plugin for WordPress versions through 3.1.8 Description The Graphina – Elementor Charts and Graphs plugin for WordPress is susceptible to Stored Cross-Site Scripting through multiple chart widgets. This i...

CVE-2025-8867

The Graphina - Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widget parameters in version 3.1.3 and below. This is due to insufficient input sanitization and output escaping on user supplied attributes such as chart categories,...

CVE-2025-8867 Graphina - Elementor Charts and Graphs <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Graphina - Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widget parameters in version 3.1.3 and below. This is due to insufficient input sanitization and output escaping on user supplied attributes such as chart categories,...

CVE-2024-4574

The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.8.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-47533 WordPress Graphina plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) to Local File Inclusion vulnerability

Cross-Site Request Forgery CSRF vulnerability in Iqonic Design Graphina allows PHP Local File Inclusion. This issue affects Graphina: from n/a through 3.0.4...

CVE-2025-47533 WordPress Graphina plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) to Local File Inclusion vulnerability

Cross-Site Request Forgery CSRF vulnerability in Iqonic Design Graphina graphina-elementor-charts-and-graphs allows PHP Local File Inclusion.This issue affects Graphina: from n/a through = 3.0.4...

WordPress plugin Graphina 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Graphina 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

WordPress plugin Graphina 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Graphina plugin <= 1.8.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Graphina versions = 1.8.10...

WordPress Graphina plugin <= 1.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by stealthcopter in WordPress Plugin Graphina versions = 1.8.9...

WordPress Graphina Plugin <= 1.8.9 is vulnerable to Cross Site Scripting (XSS)

Software Graphina Type Plugin Vulnerable versions = 1.8.9 Fixed in 1.8.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4574 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 937e343a9f16 Credits stealthcopter Required privile...

CVE-2024-4574

CVE-2024-4574 affects the Graphina – Elementor Charts and Graphs plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting flaw in multiple widgets present in all versions up to and including 1.8.9, caused by insufficient input sanitization and output escaping on user-supplied attr...

PT-2024-31742 · WordPress · Graphina

Name of the Vulnerable Software and Affected Versions: Graphina – Elementor Charts and Graphs plugin for WordPress versions up to, and including, 1.8.9 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied...