CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Vulnrichment•added 2025/10/04 2:24 a.m.•2 views

CVE-2025-9029 WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.16 - Missing Authentication via wdkit_handle_review_submission Function

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to missing authorization via the wdkithandlereviewsubmission function in versions less than, or equal to, 1.2.16. This is due to the plugin not properly verifyin...

4.3CVSS5.8AI score0.00115EPSS

Exploits0References2

CVE•added 2025/10/04 2:24 a.m.•9 views

CVE-2025-9029

CVE-2025-9029 concerns the WordPress plugin WDesignKit (Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder). The vulnerability is a missing authorization flaw in the function wdkit_handle_review_submission for versions

4.3CVSS5.8AI score0.00115EPSS

Exploits0References2

CNNVD•added 2025/10/04 12:0 a.m.•1 views

WordPress plugin WDesignKit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.6AI score0.00115EPSS

Exploits0References2

Patchstack•added 2025/10/03 11:48 p.m.•4 views

WordPress WDesignKit plugin <= 1.2.16 - Missing Authentication via wdkit_handle_review_submission Function vulnerability

Missing Authentication via wdkithandlereviewsubmission Function vulnerability discovered by Peter Thaleikis in WordPress Plugin WDesignkit versions = 1.2.16...

4.3CVSS6.8AI score0.00115EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-9324

Malicious code in bioql PyPI...

6.4CVSS7.3AI score0.0038EPSS

Exploits0References3

RedhatCVE•added 2025/04/03 9:58 a.m.•3 views

CVE-2024-12189

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom widgets in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This...

6.4CVSS7.4AI score0.0038EPSS

Exploits0References1

NVD•added 2025/04/01 7:15 a.m.•8 views

CVE-2024-12189

6.4CVSS0.0038EPSS

Exploits0References2

CVE•added 2025/04/01 6:52 a.m.•40 views

CVE-2024-12189

The CVE-2024-12189 entry concerns the WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder plugin for WordPress. Connected material confirms a Stored Cross-Site Scripting vulnerability via custom widgets in all versions up to 1.2.2, caused by insufficie...

6.4CVSS7.4AI score0.0038EPSS

Exploits0References2

Patchstack•added 2025/03/31 7:56 p.m.•5 views

WordPress WDesignKit plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ankit Patel in WordPress Plugin WDesignkit versions = 1.2.3...

6.4CVSS6.3AI score0.0038EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/12/06 1:5 p.m.•7 views

CVE-2024-53811 WordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through = 1.0.40...

6.6CVSS7.2AI score0.0025EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by