139 matches found
CVE-2025-8199
The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to, and including, 2.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2025-203246
The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to, and including, 2.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8199
The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to, and including, 2.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8199
CVE-2025-8199 : Marquee Addons for Elementor is affected up to version 2.4.3. The vulnerability is a Stored Cross-Site Scripting in the Testimonial Marquee widget caused by insufficient input sanitization and output escaping on user-supplied attributes. An authenticated attacker with contributor-...
CVE-2025-8199 MarqueeAddons <= 2.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial Marquee Widget
The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to, and including, 2.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-14062
The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery via the 'marquee' parameter in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the marquee deletion function. This makes it possible for unauthenticated attacke...
WordPress MarqueeAddons plugin <= 2.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial Marquee Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Testimonial Marquee Widget vulnerability discovered by zer0gh0st in WordPress Plugin Marquee Addons for Elementor versions = 2.4.3...
WordPress plugin MarqueeAddons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A cross-site scripti...
PT-2025-51106
The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial Marquee widget in all versions up to, and including, 2.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-14062
The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery via the 'marquee' parameter in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the marquee deletion function. This makes it possible for unauthenticated attacke...
CVE-2025-14062 Animated Pixel Marquee Creator <= 1.0.0 - Cross-Site Request Forgery via 'marquee' Parameter
The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery via the 'marquee' parameter in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the marquee deletion function. This makes it possible for unauthenticated attacke...
EUVD-2025-202971
The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery via the 'marquee' parameter in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the marquee deletion function. This makes it possible for unauthenticated attacke...
CVE-2025-14062 Animated Pixel Marquee Creator <= 1.0.0 - Cross-Site Request Forgery via 'marquee' Parameter
The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery via the 'marquee' parameter in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the marquee deletion function. This makes it possible for unauthenticated attacke...
CVE-2025-14062
CVE-2025-14062 – Animated Pixel Marquee Creator (WordPress) is a CSRF vulnerability in all versions up to 1.0.0 caused by missing nonce validation on the marquee deletion function. This enables unauthenticated attackers to delete marquees via forged requests if the site administrator is fooled in...
WordPress plugin Animated Pixel Marquee Creator 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-50849
The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request Forgery via the 'marquee' parameter in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the marquee deletion function. This makes it possible for unauthenticated attacke...
WordPress Animated Pixel Marquee Creator plugin <= 1.0.0 - Cross-Site Request Forgery via 'marquee' Parameter vulnerability
Cross-Site Request Forgery via 'marquee' Parameter vulnerability discovered by ChamlaVic in WordPress Plugin Animated Pixel Marquee Creator versions = 1.0.0...
Mozilla Firefox < 55.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 55.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-18 advisory. - Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson...
CVE-2025-62923
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Debuggers Studio Marquee Addons for Elementor marquee-addons-for-elementor allows DOM-Based XSS.This issue affects Marquee Addons for Elementor: from n/a through = 3.8.2...
EUVD-2025-36017
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Debuggers Studio Marquee Addons for Elementor marquee-addons-for-elementor allows DOM-Based XSS.This issue affects Marquee Addons for Elementor: from n/a through = 3.7.12...