PT-2024-17524 · WordPress · Wp Travel Engine – Elementor Widgets

Name of the Vulnerable Software and Affected Versions: WP Travel Engine – Elementor Widgets versions up to, and including, 1.3.7 Description: The WP Travel Engine – Elementor Widgets plugin for WordPress is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, wi...

MAL-2024-12098 Malicious code in widgets-mainappointments (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a05c4f3cc4d5297de929275823c2b67fd6bb6f8988f85acc300b9e4b342219b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in widgets-mainappointments (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a05c4f3cc4d5297de929275823c2b67fd6bb6f8988f85acc300b9e4b342219b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2024-17552 · WordPress · Animation Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Animation Addons for Elementor plugin for WordPress versions up to, and including, 1.1.6 Description: The issue concerns the exposure of sensitive information in the Animation Addons for Elementor plugin for WordPress. This is possible throug...

[SECURITY] Fedora 40 Update: python-notebook-7.3.1-1.fc40

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

[SECURITY] Fedora 41 Update: python-notebook-7.3.1-1.fc41

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

CVE-2024-11902

The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slope-reservations' shortcode in all versions up to, and including, 4.2.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11902

CVE-2024-11902 affects the Slope Widgets WordPress plugin. The issue is a Stored Cross-Site Scripting vulnerability via the plugin’s slope-reservations shortcode, present in all versions up to 4.2.11, caused by insufficient input sanitization and output escaping of user-supplied attributes. Conse...

CVE-2024-11902 Slope Widgets <= 4.2.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slope-reservations' shortcode in all versions up to, and including, 4.2.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-11902 Slope Widgets <= 4.2.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slope-reservations' shortcode in all versions up to, and including, 4.2.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Slope Widgets plugin <= 4.2.12 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Slope Widgets versions = 4.2.12...

PT-2024-17335 · WordPress · Slope Widgets

Name of the Vulnerable Software and Affected Versions: Slope Widgets plugin for WordPress versions up to, and including, 4.2.11 Description: The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slope-reservations' shortcode due to insufficient inpu...

WordPress plugin Slope Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-54338

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in christerf Hello Event Widgets For Elementor hello-event-widgets-for-elementor allows DOM-Based XSS.This issue affects Hello Event Widgets For Elementor: from n/a through = 1.0.2...

CVE-2024-54268

Missing Authorization vulnerability in Greg - SiteOrigin SiteOrigin Widgets Bundle so-widgets-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through = 1.64.0...

CVE-2024-54268

Missing Authorization vulnerability in SiteOrigin SiteOrigin Widgets Bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through 1.64.0...

CVE-2023-36681

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2...

CVE-2023-36681

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2...

CVE-2024-54338 WordPress Hello Event Widgets For Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Christer Fernstrom Hello Event Widgets For Elementor allows DOM-Based XSS.This issue affects Hello Event Widgets For Elementor: from n/a through 1.0.2...

CVE-2024-54338

CVE-2024-54338 affects Hello Event Widgets For Elementor (WordPress) and allows DOM-based XSS due to improper neutralization of user input during web page generation for Hello Event Widgets For Elementor