CVE-2024-54268 WordPress SiteOrigin Widgets Bundle plugin <= 1.64.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in SiteOrigin SiteOrigin Widgets Bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through 1.64.0...

CVE-2024-54268

CVE-2024-54268 : A Missing Authorization vulnerability in SiteOrigin Widgets Bundle (WordPress plugin) affects versions up to 1.64.0. The root cause is an incorrectly configured access control security level, enabling broken access control. Public sources (Patchstack, Red Hat, CVE listings) descr...

CVE-2024-54268 WordPress SiteOrigin Widgets Bundle plugin <= 1.64.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Greg - SiteOrigin SiteOrigin Widgets Bundle so-widgets-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through = 1.64.0...

CVE-2023-36681

The CVE-2023-36681 entry concerns the WordPress plugin Cryptocurrency Widgets – Price Ticker & Coins List (versions

CVE-2023-36681 WordPress Cryptocurrency Widgets – Price Ticker & Coins List plugin <= 2.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.2...

WordPress plugin Hello Event Widgets For Elementor 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2024-36222 · Christer Fernstrom · Hello Event Widgets For Elementor

Name of the Vulnerable Software and Affected Versions: Hello Event Widgets For Elementor versions 1.0.2 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows DOM-Based XSS. This problem...

WordPress plugin SiteOrigin Widgets Bundle 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-36148 · Siteorigin · Siteorigin Widgets Bundle

Name of the Vulnerable Software and Affected Versions: SiteOrigin Widgets Bundle versions 1.64.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...

WordPress Hello Event Widgets For Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Hello Event Widgets For Elementor versions = 1.0.2...

WordPress SiteOrigin Widgets Bundle plugin <= 1.64.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin SiteOrigin Widgets Bundle versions = 1.64.0...

CVE-2024-54228

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Weboccult Technologies Pvt Ltd Wot Elementor Widgets wot-elementor-widgets allows DOM-Based XSS.This issue affects Wot Elementor Widgets: from n/a through = 1.0.1...

CVE-2023-49192

Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...

CVE-2024-54228 WordPress Wot Elementor Widgets plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebOccult Technologies Pvt Ltd Wot Elementor Widgets allows DOM-Based XSS.This issue affects Wot Elementor Widgets: from n/a through 1.0.1...

CVE-2023-23823

CVE-2023-23823 refers to a missing authorization vulnerability in the WordPress plugin Enhanced Text Widget up to version 1.5.8 . The underlying issue is a failure in access control (broken authorization) that could allow unauthorized actions on the widget. The CVSS base score is 4.3 (Medium) , w...

CVE-2023-49192 WordPress Enhanced Text Widget plugin <= 1.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...

CVE-2023-49192 WordPress Enhanced Text Widget plugin <= 1.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in cl272 Enhanced Text Widget enhanced-text-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through = 1.6.3...

PT-2024-12001 · Unknown · Clever Widgets Enhanced Text Widget

Name of the Vulnerable Software and Affected Versions: Clever Widgets Enhanced Text Widget versions 1.5.8 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Enhanced Text Widget, which allows exploiting incorrectly configured access control security...

WordPress plugin Wot Elementor Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-36106 · Unknown · Wot Elementor Widgets

Name of the Vulnerable Software and Affected Versions: Wot Elementor Widgets versions 1.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows DOM-Based XSS. This means that an attacker could potentially inject malicious...