CVE-2026-3013

Coppermine Photo Gallery in versions 1.6.09 through 1.6.27 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow to read content of any file accessible by the the web server process.This issue was fixed in versi...

CVE-2024-4634

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfesvgmimetypes’ function in versions up to, and including, 1.6.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-43323

Missing Authorization vulnerability in ReviewX ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.28...

WordPress ReviewX Plugin <= 1.6.28 is vulnerable to Broken Access Control

Software ReviewX Type Plugin Vulnerable versions = 1.6.28 Fixed in 1.6.29 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43323 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID aac7e9823c91 Credits Manab Jyoti Dowarah Required...

WordPress Elementor Header & Footer Builder plugin <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.28...

WordPress plugin Elementor Header & Footer Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...