EUVD-2025-204265
The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the importelementortemplate AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make we...
PT-2025-52216
The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the import elementor template AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make...
N-able N-Central Authentication Bypass and XXE Scanner
This module scans for vulnerable N-able N-Central instances affected by CVE-2025-9316 Unauthenticated Session Bypass and CVE-2025-11700 XXE. The module attempts to exploit CVE-2025-9316 by sending a sessionHello SOAP request to the ServerMMS endpoint with various appliance IDs to obtain an...
CVE-2025-40890
A Stored Cross-Site Scripting vulnerability was discovered in the Dashboards functionality due to improper validation of an input parameter. An authenticated low-privilege user can craft a malicious dashboard containing a JavaScript payload and share it with victim users, or a victim can be...
CVE-2025-11536
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wpajaximportelementortemplate action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ma...
CVE-2025-11536 Element Pack Addons for Elementor <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request Forgery
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 8.2.5 via the wpajaximportelementortemplate action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to ma...
EUVD-2018-1977
Malware in sbrugna...
PT-2024-16381 · WordPress · The Music Player For Elementor – Audio Player & Podcast Player
Name of the Vulnerable Software and Affected Versions: The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress versions up to, and including, 2.4.1 Description: The issue is related to unauthorized modification of data due to a missing capability check on the import mp...
CVE-2022-4709
The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wprimportlibrarytemplate' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with subscriber-level permissions, to import and activate...
PT-2020-14342 · Salesagility · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.11.14 Description: The issue allows for CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. This occurs due to mishandling of these fields during a Download Import Fi...
Elementor Code Issue Vulnerability
Elementor is a WordPress page builder from the Elementor team that offers a variety of design elements and supports custom templates and more. A security vulnerability exists in the Import Template feature in Elementor version 2.7.4. The vulnerability can be exploited by an attacker to execute co...
CVE-2020-11509
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37wplimporttemplate admin-post action which will execute in an administrator's browser if the template is used to create a page...
Qualys Cloud Platform 2.35 New Features
This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. Note: this post has been edited after publishing to remove the Rule-Based Method to...
Unrestricted file upload
LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in writing files with malicious content and may lead to remote code execution...
Arbitrary file deletion
LibreHealthIO lh-ehr version REL-2.0.0 contains an Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appears to be exploitable via a user-controlled parameter...
CVE-2018-1000646
LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in writing files with malicious content and may lead to remote code execution...
CVE-2018-1000647
LibreHealthIO lh-ehr version REL-2.0.0 contains an Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appears to be exploitable via a user-controlled parameter...
OpenEMR Directory Traversal Vulnerability (CNVD-2019-10150)
OpenEMR is a medical practice management software that also supports electronic medical records (EMR). A directory traversal vulnerability exists in portal/importtemplate.php in OpenEMR versions prior to 5.0.1.4, which can be exploited by a remote attacker to read arbitrary files via the "docid"...
OpenEMR Directory Traversal Vulnerability
OpenEMR is a medical practice management software that also supports electronic medical records (EMR). A directory traversal vulnerability exists in portal/importtemplate.php in OpenEMR versions prior to 5.0.1.4, which can be exploited by remote attackers to execute arbitrary PHP code via the "doci...