178 matches found
WPZOOM Social Icons Widget <= 4.2.15 - Missing Authorization
WPZOOM Social Icons Widget & Block versions up to 4.2.15 contain a missing authorization vulnerability caused by insufficient access control in the widget and block, letting attackers perform unauthorized actions, exploit requires no special conditions. id: CVE-2024-30464 info: name: WPZOOM Socia...
EUVD-2026-37590
Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...
CVE-2026-39597
Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...
CVE-2026-39597 WordPress WPZOOM Addons for Elementor plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...
CVE-2026-49069
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...
CVE-2026-49069
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...
CVE-2026-49069 WordPress WPZOOM Portfolio plugin <= 1.4.21 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...
CVE-2026-49069
The CVE-2026-49069 entry refers to the WordPress WPZOOM Portfolio plugin (versions
EUVD-2026-36010
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...
PT-2026-48405
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...
WordPress plugin WPZOOM Portfolio 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress WPZOOM Portfolio plugin <= 1.4.21 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Kent Apostol in WordPress Plugin WPZOOM Portfolio versions = 1.4.21...
CVE-2026-4063 Social Icons Widget & Block <= 4.5.8 - Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation
The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the addmenuitem method hooked to adminmenu in all versions up to, and including, 4.5.8. This is due to the method performing wpinsertpost and...
WordPress WPZOOM Addons for Elementor - Starter Templates & Widgets plugin <= 1.3.4 - Unauthenticated Reflected Cross-Site Scripting via 'title_tag' Parameter vulnerability
WordPress WPZOOM Addons for Elementor - Starter Templates & Widgets plugin = 1.3.4 - Unauthenticated Reflected Cross-Site Scripting via 'titletag' Parameter vulnerability discovered by WordFence in WordPress Plugin WPZOOM Addons for Elementor versions = 1.3.4...
CVE-2026-2295
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...
CVE-2026-2295
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...
CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...
CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...
WordPress plugin WPZOOM Addons for Elementor – Starter Templates & Widgets 信息泄露漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
PT-2026-7511
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax post grid load more' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated...