WordPress Elementor Addon Elements plugin <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Twitter Widget vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.13.3...

CVE-2017-18533

The rimons-twitter-widget plugin before 1.3 for WordPress has XSS...

CVE-2024-2492

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all versions up to, and including, 2.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-23719

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zckevin ZhinaTwitterWidget zhina-twitter-widget allows Reflected XSS.This issue affects ZhinaTwitterWidget: from n/a through = 1.0...

EUVD-2013-0267

Malware in sbrugna...

EUVD-2017-9649

Malware in sbrugna...

EUVD-2024-27441

Malicious code in bioql PyPI...

EUVD-2024-27056

Malicious code in bioql PyPI...

PT-2025-35009

Name of the Vulnerable Software and Affected Versions: dyiosah Ultimate twitter profile widget versions through 1.0 Description: A Cross-Site Request Forgery CSRF vulnerability exists in dyiosah Ultimate twitter profile widget, which also allows Stored Cross-Site Scripting XSS. Recommendations: A...

CVE-2023-45628

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in QROkes QR Twitter Widget plugin = 0.2.3 versions...

CVE-2024-2092

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2092 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2092 Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2024-18817 · WordPress · Elementor Addon Elements

Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.13.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Twitter Widget due to insufficient input sanitization and output escaping on...

CVE-2024-2492

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all versions up to, and including, 2.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Plugin PowerPack Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-20663 · WordPress · Powerpack Addons For Elementor

Name of the Vulnerable Software and Affected Versions: PowerPack Addons for Elementor plugin for WordPress versions up to and including 2.7.18 Description: The issue is related to Stored Cross-Site Scripting via the Twitter Tweet widget due to insufficient input sanitization and output escaping...

WordPress WP Twitter Mega Fan Box Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin WP Twitter Mega Fan Box Widget versions = 1.0...

WordPress Plugin PowerPack Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

CVE-2023-45628

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in QROkes QR Twitter Widget plugin = 0.2.3 versions...