CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

84 matches found

RedhatCVE•added 2026/01/07 9:13 a.m.•5 views

CVE-2024-2507

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget button URL in all versions up to, and including, 1.0.16 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00196EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:13 a.m.•4 views

CVE-2024-2138

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Animated Box widget in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00229EPSS

Exploits0References1

Patchstack•added 2025/12/15 5:48 p.m.•4 views

WordPress JetWidgets For Elementor plugin <= 1.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets vulnerability discovered by zer0gh0st in WordPress Plugin JetWidgets For Elementor versions = 1.0.20...

6.4CVSS5.5AI score0.00041EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/12/14 8:45 a.m.•3 views

CVE-2025-8195

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Comparison and Subscribe widgets in all versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5AI score0.00041EPSS

Exploits0References1

EUVD•added 2025/12/13 6:30 p.m.•2 views

EUVD-2025-203247

6.4CVSS4.7AI score0.00041EPSS

Exploits0References6

NVD•added 2025/12/13 4:16 p.m.•3 views

CVE-2025-8195

6.4CVSS0.00041EPSS

Exploits0References5

Cvelist•added 2025/12/13 8:21 a.m.•22 views

CVE-2025-8195 JetWidgets For Elementor <= 1.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets

6.4CVSS0.00041EPSS

Exploits0References5

CVE•added 2025/12/13 8:21 a.m.•10 views

CVE-2025-8195

CVE-2025-8195 affects the WordPress plugin JetWidgets For Elementor. It is a stored cross-site scripting (XSS) vulnerability in the Image Comparison and Subscribe widgets, exploitable in all versions up to 1.0.20. The root cause is insufficient input sanitization and output escaping on user-suppl...

6.4CVSS4.7AI score0.00041EPSS

Exploits0References5

Vulnrichment•added 2025/12/13 8:21 a.m.•3 views

CVE-2025-8195 JetWidgets For Elementor <= 1.0.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison and Subscribe Widgets

6.4CVSS4.7AI score0.00041EPSS

Exploits0References5

Positive Technologies•added 2025/12/13 12:0 a.m.•1 views

PT-2025-51105

6.4CVSS5AI score0.00041EPSS

Exploits0References5

CNNVD•added 2025/12/13 12:0 a.m.•2 views

WordPress plugin JetWidgets For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

6.4CVSS6AI score0.00041EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-11182

Malware in sbrugna...

5.4CVSS5.5AI score0.00222EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-27456