WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions = 4.8...

WordPress Extensions for Leaflet Map plugin <= 4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions = 4.7...

WordPress Extensions For CF7 Plugin Path Traversal Vulnerability

WordPress Extensions For CF7 Plugin is a plugin that extends the functionality of Contact Form 7, mainly used to enhance the database management, conditional logic processing and user guidance capabilities of native forms. The WordPress Extensions For CF7 Plugin suffers from a path traversal...

WordPress plugin Extensions For CF7 路径遍历漏洞

WordPress Extensions For CF7 Plugin is a plugin that extends the functionality of Contact Form 7, mainly used to enhance the database management, conditional logic processing and user guidance capabilities of native forms. The WordPress Extensions For CF7 Plugin suffers from a path traversal...

CVE-2025-31889 WordPress Extensions for Elementor plugin <= 2.0.40 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in petesheppard84 Extensions for Elementor. This issue affects Extensions for Elementor: from n/a through 2.0.40...

WordPress Extensions for Elementor plugin <= 2.0.40 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Extensions for Elementor versions = 2.0.40...

CVE-2025-24695 WordPress Extensions For CF7 Plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Request Forgery.This issue affects Extensions For CF7: from n/a through = 3.2.0...

CVE-2025-24695 WordPress Extensions For CF7 Plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Server Side Request Forgery.This issue affects Extensions For CF7: from n/a through = 3.2.0...

WordPress Extensions for Elementor plugin <= 2.0.40 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Extensions for Elementor versions = 2.0.40...

WordPress Extensions for Elementor Plugin <= 2.0.40 is vulnerable to Cross Site Scripting (XSS)

Software Extensions for Elementor Type Plugin Vulnerable versions = 2.0.40 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52471 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 37895dfd43f1 Credits Le Ngoc Anh Required...

WordPress Extensions for Elementor plugin <= 2.0.31 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Extensions for Elementor versions = 2.0.31...

WordPress Extensions for Elementor Plugin <= 2.0.31 is vulnerable to Cross Site Scripting (XSS)

Software Extensions for Elementor Type Plugin Vulnerable versions = 2.0.31 Fixed in 2.0.32 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-39668 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5c0f52c8e53f Credits Khalid Yusuf Required...

WordPress Extensions for Elementor plugin <= 2.0.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via EE Events and EE Flipbox Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via EE Events and EE Flipbox Widget vulnerability discovered by stealthcopter in WordPress Plugin Extensions for Elementor versions = 2.0.32...

WordPress Extensions for Elementor Plugin <= 2.0.32 is vulnerable to Cross Site Scripting (XSS)

Software Extensions for Elementor Type Plugin Vulnerable versions = 2.0.32 Fixed in 2.0.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4868 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e4e38eb0ff6b Credits stealthcopter...

WordPress Extensions for Elementor plugin <= 2.0.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via url Parameter vulnerability discovered by Francesco Carlucci in WordPress Plugin Extensions for Elementor versions = 2.0.30...

WordPress Extensions for Elementor Plugin <= 2.0.30 is vulnerable to Cross Site Scripting (XSS)

Software Extensions for Elementor Type Plugin Vulnerable versions = 2.0.30 Fixed in 2.0.31 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5666 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 66cb64dd9468 Credits Francesco...

CVE-2023-23899 WordPress Extensions For CF7 Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in HasThemes Extensions For CF7 plugin = 2.0.8 versions leads to arbitrary plugin activation...

WordPress Extensions For CF7 Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Extensions For CF7 Type Plugin Vulnerable versions = 2.0.8 Fixed in 2.0.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23899 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0538927ff62d Credits István Márton...