Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.9 views

CVE-2026-5159

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.7AI score0.00283EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 6:31 a.m.9 views

EUVD-2026-27189

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6AI score0.00283EPSS
Exploits0References9
NVD
NVD
added 2026/05/05 4:16 a.m.10 views

CVE-2026-5159

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00283EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/05 3:37 a.m.5 views

CVE-2026-5159 Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Follow Button Text' Parameter

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6AI score0.00283EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-36967

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram follow text' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6AI score0.00283EPSS
Exploits0References9
Patchstack
Patchstack
added 2026/04/17 1:51 a.m.8 views

WordPress Royal Addons for Elementor plugin <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via Instagram Feed Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Instagram Feed Widget vulnerability discovered by Caspian in WordPress Plugin Royal Elementor Addons versions = 1.7.1056...

6.4CVSS5.8AI score0.00352EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/04/17 1:24 a.m.20 views

CVE-2026-5162

The CVE-2026-5162 entry concerns the Royal Addons for Elementor plugin (WordPress). It describes a Stored Cross-Site Scripting vulnerability in the Instagram Feed widget, exploitable via the instagram_follow_text setting in all versions up to 1.7.1056 due to insufficient input sanitization and ou...

6.4CVSS5.9AI score0.00352EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/17 1:24 a.m.31 views

CVE-2026-5162 Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via Instagram Feed Widget

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00352EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/17 1:24 a.m.5 views

EUVD-2026-23340

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score0.00352EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/17 1:24 a.m.2 views

CVE-2026-5162

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score0.00352EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.7 views

PT-2026-33394

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram follow text' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score0.00352EPSS
Exploits0References6
Rows per page
Query Builder