7 matches found
CVE-2026-11380
The CVE-2026-11380 entry concerns the WordPress plugin JetWidgets For Elementor. Affected: JetWidgets For Elementor (WordPress) versions up to and including 1.0.21. Vulnerability: Stored Cross-Site Scripting due to insufficient output escaping and missing server-side validation of the Animated Bo...
EUVD-2024-27456
Malicious code in bioql PyPI...
EUVD-2023-12187
Malicious code in bioql PyPI...
EUVD-2024-27102
Malicious code in bioql PyPI...
WordPress JetWidgets For Elementor Plugin <= 1.0.18 is vulnerable to Cross Site Scripting (XSS)
Software JetWidgets For Elementor Type Plugin Vulnerable versions = 1.0.18 Fixed in 1.0.19 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10323 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8136ec91932f Credits Francesco...
CVE-2023-0034
The JetWidgets For Elementor WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
WordPress JetWidgets For Elementor Plugin <= 1.0.13 is vulnerable to Cross Site Scripting (XSS)
Software JetWidgets For Elementor Type Plugin Vulnerable versions = 1.0.13 Fixed in 1.0.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0034 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 896a74da0932 Credits Lana...