WordPress Elegant Addons for elementor plugin <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Switcher, Slider, and Iconbox Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Switcher, Slider, and Iconbox Widgets vulnerability discovered by stealthcopter in WordPress Plugin Elegant Addons for elementor versions = 1.0.8...

EUVD-2024-49429

Malicious code in bioql PyPI...

CVE-2024-5092

The Elegant Addons for elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Switcher, Slider, and Iconbox widgets in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...

WordPress Sky Addons for Elementor plugin <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Content Switcher Widget Elementor Template vulnerability discovered by Nishiv in WordPress Plugin Sky Addons for Elementor versions = 2.6.1...

CVE-2024-9542

The CVE-2024-9542 entry concerns the WordPress plugin Sky Addons for Elementor. The vulnerability exists in all versions up to and including 2.6.1 and is triggered by the render function in modules/content-switcher/widgets/content-switcher.php. It permits authenticated attackers with Contributor-...

PT-2024-39266 · WordPress · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.12.2 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive data, including private, draft, and...

WordPress plugin Elegant Addons for elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-1393

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-1393 Elementor Addon Elements <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Switcher Widget

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'iconalign' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-1393

Elementor Addon Elements for WordPress has Stored XSS via the Content Switcher widget (icon_align) in all versions up to 1.12.12. Root cause: insufficient input sanitization and output escaping. Affected: plugin versions

WordPress Plugin Elementor Addon Elements Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-18005 · WordPress · Elementor Addon Elements

Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the icon align attribute of the Content Switcher widget due to insufficient input...