Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/02/14 6:42 a.m.28 views

CVE-2026-1988 Flexi Product Slider and Grid for WooCommerce <= 1.0.5 - Authenticated (Contributor+) Local File Inclusion via 'theme' Shortcode Attribute

The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...

7.5CVSS0.00765EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.7 views

WordPress plugin Flexi Product Slider and Grid for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.5CVSS5.8AI score0.00765EPSS
Exploits0References5
CVE
CVE
added 2025/09/05 1:45 p.m.14 views

CVE-2025-58796

CVE-2025-58796 is a stored XSS in the WordPress plugin “Elementor Element Condition” (dudaster) affecting versions up to 1.0.5. The issue arises from improper input neutralization during web page generation, enabling script injection via crafted input. Public disclosures in multiple sources (incl...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/11 10:1 p.m.4 views

WordPress Mosaic Generator plugin <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'c' Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'c' Parameter vulnerability discovered by muhammad yudha in WordPress Plugin Mosaic Generator versions = 1.0.5...

6.4CVSS5.5AI score0.00208EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder