32 matches found
CVE-2026-2295
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...
CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...
PT-2026-7511
The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax post grid load more' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated...
WordPress plugin WPZOOM Addons for Elementor – Starter Templates & Widgets 信息泄露漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
EUVD-2025-203563
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM WPZOOM Addons for Elementor wpzoom-elementor-addons allows DOM-Based XSS.This issue affects WPZOOM Addons for Elementor: from n/a through = 1.2.10...
CVE-2025-67951 WordPress WPZOOM Addons for Elementor plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM WPZOOM Addons for Elementor wpzoom-elementor-addons allows DOM-Based XSS.This issue affects WPZOOM Addons for Elementor: from n/a through = 1.2.10...
EUVD-2024-36684
Malicious code in bioql PyPI...
EUVD-2024-31276
Malicious code in bioql PyPI...
EUVD-2024-46858
Malicious code in bioql PyPI...
EUVD-2024-44004
Malicious code in bioql PyPI...
CVE-2024-33539
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM WPZOOM Addons for Elementor Templates, Widgets allows Stored XSS.This issue affects WPZOOM Addons for Elementor Templates, Widgets: from n/a through 1.1.35...
CVE-2024-5147
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'gridstyle' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server,...
CVE-2024-5686 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Team Members widget in all versions up to, and including, 1.1.38 due to insufficient input sanitization and output escaping. This makes ...
CVE-2024-5686 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Team Members widget in all versions up to, and including, 1.1.38 due to insufficient input sanitization and output escaping. This makes ...
CVE-2024-5686
CVE-2024-5686 affects the WordPress plugin “WPZOOM Addons for Elementor (Templates, Widgets)”. The vulnerability is a Stored Cross-Site Scripting in the Team Members widget via the url attribute, present in all versions up to 1.1.38. The root cause is insufficient input sanitization and output es...
WordPress WPZOOM Addons for Elementor (Templates, Widgets) Plugin <= 1.1.38 is vulnerable to Cross Site Scripting (XSS)
Software WPZOOM Addons for Elementor Templates, Widgets Type Plugin Vulnerable versions = 1.1.38 Fixed in 1.1.39 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5686 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID aac04a37c574...
CVE-2024-5147
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'gridstyle' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server,...
CVE-2024-5147
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'gridstyle' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server,...
CVE-2024-5147 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.37 - Unauthenticated Local File Inclusion
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'gridstyle' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server,...
CVE-2024-5147
CVE-2024-5147 : The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to unauthenticated Local File Inclusion via the grid_style parameter in all versions up to and including 1.1.37. The vulnerability allows including and executing arbitrary PHP files on the serv...