CVE-2023-49926

app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget...

CVE-2023-49755

Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2...

EUVD-2023-53678

Malicious code in bioql PyPI...

EUVD-2024-16754

Malicious code in bioql PyPI...

EUVD-2023-53821

Malicious code in bioql PyPI...

CVE-2024-3724

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Stack Group, Photo Stack, & Horizontal Timeline widgets in all versions up to, and including, 3.10.4 due to insufficient input sanitization and output escaping on user supplied...

CVE-2023-49755

Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2...

CVE-2023-49755 WordPress Elementor Timeline Widget plugin <= 2.2 - Notice Dismissal Vulnerability

Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2...

CVE-2023-49755 WordPress Elementor Timeline Widget plugin <= 2.2 - Notice Dismissal Vulnerability

Missing Authorization vulnerability in Satinder Singh Elementor Timeline Widget 3r-elementor-timeline-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through = 2.2...

WordPress plugin Elementor Timeline Widget 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-5502

The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion, Dual Heading, and Vertical Timeline widgets in all versions up to, and including, 2.4.30 due to insufficient input sanitization and output escaping on user supplied...

CVE-2024-3743

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. Th...

CVE-2024-0977

The Timeline Widget For Elementor Elementor Timeline, Vertical & Horizontal Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image URLs in the plugin's timeline widget in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output...

CVE-2024-0977

The Timeline Widget For Elementor Elementor Timeline, Vertical & Horizontal Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image URLs in the plugin's timeline widget in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output...

CVE-2024-0977 Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline) <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Timeline Widget For Elementor Elementor Timeline, Vertical & Horizontal Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image URLs in the plugin's timeline widget in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output...

CVE-2024-0977

The CVE-2024-0977 entry concerns Timeline Widget For Elementor (WordPress) up to version 1.5.3, which is vulnerable to stored XSS via image URLs due to insufficient input sanitization and output escaping. Exploitation requires authenticated access (Contributor+). The issue is mitigated by upgradi...

WordPress Plugin Timeline Widget For Elementor Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-15956 · WordPress · The Timeline Widget For Elementor

Name of the Vulnerable Software and Affected Versions: The Timeline Widget For Elementor Elementor Timeline, Vertical & Horizontal Timeline plugin for WordPress versions up to, and including, 1.5.3 Description: The issue is related to Stored Cross-Site Scripting via image URLs in the plugin's...

WordPress Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline) Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Timeline Widget For Elementor Elementor Timeline, Vertical & Horizontal Timeline Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0977 Patch priority Low CVSS severity Low 6.5 Developer...

CVE-2023-49926

app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget...