Lucene search
K
BdthemesUltimate Store Kit

4 matches found

CVE
CVE
added 2024/08/18 1:22 p.m.64 views

CVE-2024-43342

CVE-2024-43342 is a Stored XSS vulnerability in BdThemes Ultimate Store Kit Elementor Addons (affecting up to 1.6.4). The flaw stems from improper input neutralization during web page generation, enabling an attacker with network access to inject scripts that may affect user confidentiality and i...

6.5CVSS6.5AI score0.0024EPSS
CVE
CVE
added 2025/05/01 3:23 a.m.58 views

CVE-2025-2168

CVE-2025-2168 affects the Ultimate Store Kit – Elementor Addons, WooCommerce Builder, EDD Builder, and related widgets for WordPress, up to and including version 2.4.1. The root cause is missing or incorrect nonce validation in the dismiss() function, enabling CSRF that can allow unauthenticated ...

4.3CVSS4.5AI score0.00174EPSS
CVE
CVE
added 2024/08/28 2:5 a.m.57 views

CVE-2024-8030

CVE-2024-8030 affects Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, and Woocommerce Slider up to and including 2.0.3. It enables unauthenticated PHP Object Injection via deserialization of input in the _ultimate_store_...

9.8CVSS9.7AI score0.01075EPSS
CVE
CVE
added 2024/08/21 8:29 a.m.55 views

CVE-2024-5335

CVE-2024-5335 affects the WordPress plugin Ultimate Store Kit Elementor Addons (and related components) up to version 1.6.4. The vulnerability is an unauthenticated PHP Object Injection resulting from deserialization of untrusted input via the _ultimate_store_kit_compare_products cookie. The Word...

9.8CVSS9.7AI score0.00852EPSS