PT-2024-16466 · WordPress +1 · Shortcodes For Elementor +1

Name of the Vulnerable Software and Affected Versions: Shortcodes for Elementor plugin for WordPress versions up to, and including, 1.0.4 RSTheme affected versions not specified Description: The issue is related to Information Exposure, where insufficient restrictions on which posts can be includ...

CVE-2024-11181

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 9.9.9.3 via the 'wpreusablerender' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticate...

WordPress plugin Greenshift 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-16468 · WordPress · Powerpack Addons For Elementor

Name of the Vulnerable Software and Affected Versions: PowerPack Elementor Addons plugin for WordPress versions up to, and including, 2.8.1 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from password protected, private, or draft post...

PT-2024-16464 · WordPress · Xltab

Name of the Vulnerable Software and Affected Versions: XLTab – Accordions and Tabs for Elementor Page Builder plugin for WordPress versions up to, and including, 1.4 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or draft...

PT-2024-16536 · WordPress · Anywhere Elementor

Name of the Vulnerable Software and Affected Versions: AnyWhere Elementor plugin for WordPress versions up to, and including, 1.2.11 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or draft posts created by Elementor that...

CVE-2024-10787

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers...

PT-2024-16546 · WordPress · La-Studio Element Kit

Name of the Vulnerable Software and Affected Versions: LA-Studio Element Kit for Elementor plugin for WordPress versions 1.4.4 and earlier Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private and draft posts created by Elemento...

CVE-2024-12062

The Charity Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.2 via the 'nacharityelementortemplate' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers...

CVE-2024-10780

The Restaurant & Cafe Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.9 via the 'narestaurantelementortemplate' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for...

CVE-2024-10798

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers,...

CVE-2024-10670

The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the primelementortemplate shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

CVE-2024-10798 Royal Elementor Addons and Templates <= 1.7.1003 - Authenticated (Contributor+) Post Disclosure

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers,...

PT-2024-16557 · WordPress · The Royal Elementor Addons/Templates

Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.7.1003 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or draft posts...

PT-2024-16447 · WordPress · Primary Addon For Elementor

Name of the Vulnerable Software and Affected Versions: The Primary Addon for Elementor plugin for WordPress versions up to, and including, 1.6.2 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or draft posts created with...

CVE-2024-10868

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.9 via the Advanced Tabs widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

CVE-2024-10868 Enter Addons – Ultimate Template Builder for Elementor <= 2.1.9 - Authenticated (Contributor+) Post Disclosure

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.9 via the Advanced Tabs widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

WordPress plugin Enter Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

PT-2024-39502 · WordPress · Wpdash Notes

Name of the Vulnerable Software and Affected Versions: WPDash Notes plugin for WordPress versions prior to 1.3.5 Description: The issue is related to a missing capability check on the wp ajax post it list comment function, allowing authenticated attackers with Subscriber-level access and above to...

PT-2024-16601 · WordPress · Enter Addons – Ultimate Template Builder For Elementor

Name of the Vulnerable Software and Affected Versions: The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress versions up to, and including, 2.1.9 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or...