CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Patchstack•added 2026/02/02 7:55 p.m.•4 views

WordPress Premium Addons PRO plugin <= 2.9.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multi Scroll Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multi Scroll Widget vulnerability discovered by wesley wcraft in WordPress Plugin Premium Addons PRO versions = 2.9.12...

6.4CVSS7.1AI score0.003EPSS

Exploits0References1Affected Software1

OSV•added 2024/03/13 4:15 p.m.•0 views

CVE-2024-2000

The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'navigationdots' parameter of the Multi Scroll Widget in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

5.4CVSS7.4AI score0.003EPSS

Exploits0References2

NVD•added 2024/03/13 4:15 p.m.•9 views

CVE-2024-2000

6.4CVSS5.7AI score0.003EPSS

Exploits0References2

Prion•added 2024/03/13 4:15 p.m.•15 views

Cross site scripting

5.5CVSS6AI score0.003EPSS

Exploits0References2

CVE•added 2024/03/13 3:32 p.m.•37 views

CVE-2024-2000

CVE-2024-2000 affects the WordPress plugin Premium Addons PRO. The issue is stored XSS via the Multi Scroll Widget’s navigation_dots parameter due to insufficient input sanitization and output escaping, impacting all versions up to and including 2.9.12. authenticated users with contributor-level ...

6.4CVSS6.1AI score0.003EPSS

Exploits0References2Affected Software1

CNNVD•added 2024/03/13 12:0 a.m.•1 views

WordPress Plugin Premium Addons PRO Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS5.9AI score0.003EPSS

Exploits0References3

Positive Technologies•added 2024/03/13 12:0 a.m.•2 views

PT-2024-18488 · WordPress · Premium Addons Pro

Name of the Vulnerable Software and Affected Versions: Premium Addons PRO plugin for WordPress versions up to, and including, 2.9.12 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the navigation dots parameter of the...

6.4CVSS8AI score0.003EPSS

Exploits0References5

WPVulnDB•added 2024/03/07 12:0 a.m.•17 views

Premium Addons PRO < 2.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multi Scroll Widget

Description The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'navigationdots' parameter of the Multi Scroll Widget in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.003EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by