PT-2024-35760 · WordPress · La-Studio Element Kit For Elementor

Name of the Vulnerable Software and Affected Versions: LA-Studio Element Kit for Elementor plugin for WordPress versions up to, and including, 1.3.8.1 Description: The issue allows authenticated attackers with Contributor-level access and above to include and execute arbitrary files on the server...

PT-2019-14685 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: Events Manager plugin versions through 5.9.5 Description: The issue arises from improper encoding and insertion of data provided to the map style attribute of shortcodes, specifically locations map and events map, leading to Stored XSS...