6 matches found
WordPress HT Slider for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin HT Slider For Elementor versions = 1.7.4...
WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Behance Portfolio Manager versions = 1.7.5...
CVE-2025-8215 Responsive Addons for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The Responsive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress FundEngine Plugin <= 1.7.4 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin FundEngine versions = 1.7.4...
@clevercanyon/madrun (>=1.0.0 <=1.0.1), @coder/cmux (>=0.3.0-next.64.g5f200a6 <=0.5.1-next.10.g83f9dd4) +19 more potentially affected by CVE-2025-30222 via shescape (>=1.7.4 <=2.1.12)
shescape NPM version =1.7.4, =1.0.0, =0.3.0-next.64.g5f200a6, =1.0.6, =0.1.0, =0.9.22, =1.1.0, =0.1.2, =1.0.0, =0.1.24, =1.0.0, =1.5.1, =1.5.3 and more Source cves: CVE-2025-30222 Source advisory: OSV:GHSA-66PP-5P9W-Q87J...
Westermo MRD-315 Information Disclosure Vulnerability
The Westermo MRD-315 is a 3G wireless router from Westermo, Sweden. An information disclosure vulnerability exists in the Westermo MRD-315 version 1.7.3 and version 1.7.4. The vulnerability stems from a configuration or other error in the operation of a network system or product. An attacker coul...