EUVD-2013-0732

Malware in sbrugna...

CVE-2024-13808

The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to their only being client side controls when determining who can access the widget. This makes it possible for...

PT-2025-17946 · WordPress · Xpro Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Xpro Elementor Addons - Pro plugin for WordPress versions 1.4.9 and below Description: The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom...

Cross-site Scripting (XSS)

Overview pagekit/pagekit is a modular and lightweight CMS built with Symfony components and Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the index.php/admin/site/widget endpoint. Details Cross-site scripting or XSS is a code vulnerability that occurs wh...

Trend Micro OfficeScan 11.0/XG (12.0) - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Trend Micro OfficeScan Remote Code Execution", 'Description' = %q This module exploits the authentication bypass and command injection vulnerabili...

Information disclosure

wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message...

CVE-2013-0721

Affected software: WordPress WP PHP Widget Plugin, version 1.0.2. Vulnerable component: wp-php-widget.php. Issue: Full Path Disclosure via a direct request, causing an error message to reveal the server path. Impact: Information disclosure; no exploitation details provided in the documents. Root ...