968 matches found
PT-2026-25289
CVE-2026-32445 Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Buil... https://t.co/2gh5OokC6T...
WordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by davidfdzmorilla in WordPress Plugin Elementor Website Builder versions = 3.35.5...
CVE-2024-50555
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through = 3.29.0...
CVE-2024-50555
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through = 3.29.0...
CVE-2024-50555 WordPress Elementor Website Builder plugin <= 3.29.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through = 3.29.0...
CVE-2024-50555 WordPress Elementor Website Builder plugin <= 3.29.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through = 3.29.0...
CVE-2024-50555
CVE-2024-50555 : Affected product is Elementor Website Builder (WordPress) up to version 3.29.0. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw arising from improper input neutralization during web page generation. Multiple connected sources confirm the same issue and list the affe...
WordPress plugin Elementor Website Builder 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-21028
Name of the Vulnerable Software and Affected Versions Elementor Website Builder versions through 3.29.0 Description The Elementor Website Builder software contains a flaw related to improper input handling during web page generation, which can lead to Stored Cross-site Scripting XSS. This allows ...
Halo 安全漏洞
Halo is a powerful and easy-to-use open-source website building tool developed by Halo. Versions of Halo 2.22.4 and earlier contain security vulnerabilities. These vulnerabilities stem from defects in the public comment submission endpoint, which could allow remote attackers to trigger a...
CVE-2024-2120
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Navigation widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2024-2121
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2024-2781
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the videohtmltag attribute in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
VvvebJs 安全漏洞
VvvebJs is a drag-and-drop website generator by Givan Personal Developers. A security vulnerability exists in VvvebJs version 1.7.2, which stems from a file upload vulnerability in save.php...
📄 Elementor Website Builder SQL Injection
Proof of concept exploit that demonstrates a remote SQL injection vulnerability in Elementor Website Builder versions prior 3.12.2. ============================================================================================================================================= | Title : Elementor...
CVE-2025-67588
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.33.0...
EUVD-2025-202065
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.33.0...
CVE-2025-67588 WordPress Elementor Website Builder plugin <= 3.33.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.33.0...
CVE-2025-67588 WordPress Elementor Website Builder plugin <= 3.33.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through = 3.33.0...
CVE-2025-67588
CVE-2025-67588 is a missing/broken authorization vulnerability in Elementor Website Builder (Elementor) up to version 3.33.0. The Red Hat and CVE records describe a misconfigured access control that could allow unauthorized access to governed functionality. The CVSS v3.1 base score is 4.3 (Medium...