Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/09/08 3:12 a.m.1 views

CVE-2025-8360

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's widgets in all versions up to, and including, 1.5.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS5.1AI score0.00053EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/01/24 12:0 a.m.2 views

PT-2025-2129 · WordPress · Responsive Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress versions up to, and including, 1.6.4 Description: The issue is related to Stored Cross-Site Scripting via HTML tags in several widgets...

6.4CVSS6.1AI score0.00168EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2024/06/05 12:0 a.m.2 views

PT-2024-31192 · WordPress · Themesflat Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Themesflat Addons For Elementor plugin for WordPress versions up to, and including, 2.1.1 Description: The issue is related to Stored Cross-Site Scripting in several widgets via URL parameters due to insufficient input sanitization and output...

6.4CVSS5.9AI score0.00233EPSS
Exploits0References7
Prion
Prionadded 2023/06/26 10:15 p.m.12 views

Cross site scripting

Certain dashboard widgets on Trend Micro Apex Central on-premise are vulnerable to cross-site scripting XSS attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535...

5.8CVSS6.3AI score0.01062EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2021/05/05 7:15 p.m.2 views

CVE-2021-24260

The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2021/05/05 7:15 p.m.7 views

CVE-2021-24266

The “The Plus Addons for Elementor Page Builder Lite” WordPress Plugin before 2.0.6 has four widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS0.00222EPSS
Exploits0References2
OSV
OSVadded 2021/05/05 7:15 p.m.0 views

CVE-2021-24269

The “Sina Extension for Elementor” WordPress Plugin before 3.3.12 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS6.1AI score
Exploits0References2
Prion
Prionadded 2021/05/05 7:15 p.m.12 views

Cross site scripting

The “Clever Addons for Elementor” WordPress Plugin before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

3.5CVSS5.2AI score0.00222EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder