18 matches found
EUVD-2025-23332
Malicious code in bioql PyPI...
EUVD-2024-51700
Malicious code in bioql PyPI...
EUVD-2024-46794
Malicious code in bioql PyPI...
EUVD-2024-33412
Malicious code in bioql PyPI...
CVE-2025-7845
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps and Image Hotspot widgets in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
CVE-2025-7845
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps and Image Hotspot widgets in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
PT-2025-31604 · Elementor +1 · Elementor +1
Name of the Vulnerable Software and Affected Versions: Stratum – Elementor Widgets versions up to and including 1.6.0 Description: The Stratum – Elementor Widgets plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Advanced Google Maps and Image Hotspot widgets...
CVE-2024-5611
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-13642
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Hotspot widget in all versions up to, and including, 1.4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13642 Stratum – Elementor Widgets <= 1.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting Vulnerability via Image Hotspot Widget
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Hotspot widget in all versions up to, and including, 1.4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13642
The CVE refers to WordPress Stratum – Elementor Widgets (Stratum) plugin, vulnerable to Stored Cross-Site Scripting via the Image Hotspot widget. The issue exists in all versions up to and including 1.4.7 and stems from insufficient input sanitization and output escaping on user-supplied attribut...
WordPress plugin Stratum – Elementor Widgets 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
CVE-2024-10316 Stratum – Elementor Widgets <= 1.4.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.4 in includes/templates/content-switcher.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract...
CVE-2024-5611
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5611 Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘labelyears’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-5611
CVE-2024-5611 : The Stratum – Elementor Widgets plugin for WordPress (versions
WordPress plugin Stratum - Elementor Widgets Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...