7 matches found
EUVD-2024-46343
Malicious code in bioql PyPI...
CVE-2024-5188 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.22 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'getmanualcalendarevents' function in all versions up to, and including, 5.9.22 due to insufficient input sanitization and...
CVE-2024-5086 Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Carousel Widget
The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient input...
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.18 - Contributor+ Stored XSS
Description The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders is vulnerable to Stored Cross-Site Scripting via the ‘eaeleventtextcolor’ parameter...
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.9 - Contributor+ Stored Cross-Site Scripting
Description The plugin is vulnerable to Stored Cross-Site Scripting via the Content Ticker arrow attribute in all versions up to, and including, 5.9.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, ...
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.9 - Contributor+ Stored Cross-Site Scripting via Filterable Gallery
Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery Widget in all versions up to, and including, 5.9.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and abov...
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.9 - Contributor+ Stored Cross-Site Scripting
Description The plugin is vulnerable to Stored Cross-Site Scripting via the Filterable Controls label icon parameter in all versions up to, and including, 5.9.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access ...