Lucene search
+L
G5plusUltimate Bootstrap Elements For Elementor

6 matches found

CVE
CVE
added 2024/04/06 8:38 a.m.87 views

CVE-2024-2132

CVE-2024-2132 affects the Ultimate Bootstrap Elements for Elementor WordPress plugin. Root cause: Stored XSS via the Image Widget due to insufficient input sanitization and output escaping of user-supplied attributes. Impact (as described in connected RH entry): authenticated attackers with contr...

6.4CVSS7.6AI score0.0032EPSS
CVE
CVE
added 2024/03/02 12:39 p.m.75 views

CVE-2024-1398

CVE-2024-1398 affects the Ultimate Bootstrap Elements for Elementor plugin for WordPress. The vulnerability is Stored Cross-Site Scripting via the heading_title_tag and heading_sub_title_tag parameters in all versions up to 1.3.6, caused by insufficient input sanitization and output escaping. The...

6.4CVSS5.8AI score0.0051EPSS
CVE
CVE
added 2024/07/09 10:50 a.m.64 views

CVE-2024-37462

CVE-2024-37462 is an LFI/path traversal vulnerability in the Ultimate Bootstrap Elements for Elementor plugin. Public details identify affected software as Ultimate Bootstrap Elements for Elementor (1.0 through 1.4.2) and describe improper restriction of a pathname to a restricted directory, enab...

8.8CVSS8.7AI score0.00575EPSS
CVE
CVE
added 2025/01/24 8:23 a.m.58 views

CVE-2024-13545

CVE-2024-13545 affects Bootstrap Ultimate theme for WordPress (versions up to 1.4.9). Description: unauthenticated Local File Inclusion via the path parameter allows including PHP files on the server and executing code in those files; if php://filter is enabled, this may lead to Remote Code Execu...

9.8CVSS9.9AI score0.01257EPSS
CVE
CVE
added 2024/11/05 1:55 p.m.52 views

CVE-2024-10329

CVE-2024-10329 affects the WordPress plugin Ultimate Bootstrap Elements for Elementor (all versions up to 1.4.6). It enables Sensitive Information Exposure via the ube_get_page_templates function. Exploitation requires authentication with Contributor-level access or higher. The impact is disclosu...

4.3CVSS4.3AI score0.00403EPSS
CVE
CVE
added 2024/08/13 11:36 a.m.50 views

CVE-2024-43140

CVE-2024-43140 is a path traversal vulnerability in the WordPress plugin “Ultimate Bootstrap Elements for Elementor” that allows PHP local file inclusion. Affected: Ultimate Bootstrap Elements for Elementor

8.8CVSS7.6AI score0.00582EPSS