7 matches found
WordPress Elementor Plugin Arbitrary File Read Vulnerability
WordPress Elementor Plugin is a visual page design plugin that allows users to create professional web pages with drag-and-drop modules and a visual editor without writing code. WordPress Elementor Plugin suffers from an arbitrary file read vulnerability that stems from the program failing to...
CVE-2025-32281 WordPress DarkMySite plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in DarkMySite DarkMySite darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite: from n/a through = 1.2.8...
CVE-2024-54444 WordPress Elementor plugin <= 3.25.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through = 3.25.10...
CVE-2024-54444 WordPress Elementor plugin <= 3.25.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through = 3.25.10...
WordPress Elementor Website Builder Plugin <= 3.23.4 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Website Builder Type Plugin Vulnerable versions = 3.23.4 Fixed in 3.24.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5416 Patch priority Low CVSS severity Low 6.5 Developer Elementor PSID 8f473cdb82fd Credits wesley wcraft...
WordPress Void Elementor Post Grid Addon for Elementor Page builder Plugin <= 2.1.10 is vulnerable to Broken Access Control
Software Void Elementor Post Grid Addon for Elementor Page builder Type Plugin Vulnerable versions = 2.1.10 Fixed in 2.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48750 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID...
WordPress Exclusive Team for Elementor Plugin <= 1.2.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Exclusive Team for Elementor Type Plugin Vulnerable versions = 1.2.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8cf4101432fb Credits István...