CVE-2024-4471 - PHP Object Injection Vulnerability in “The 140+ Widgets | Best Addons For Elementor – FREE” WordPress Plugin
In June 2024, a serious security issue (CVE-2024-4471) was uncovered in the popular WordPress plugin The 140+ Widgets | Best Addons For Elementor – FREE.
CVE-2024-1803 - Unpacking the WordPress EmbedPress PDF Block Vulnerability (Up to v3.9.12)
WordPress plugins make building and managing websites easier, but sometimes they also bring in security problems—especially when they don’t check who’s allowed
CVE-2024-4575 - How a Simple LayerSlider Shortcode Bug Exposed WordPress Sites to Stored XSS (With PoC)
The LayerSlider plugin is one of the most popular tools for building fancy sliders on WordPress sites. But in version 7.11., a serious security
CVE-2024-3997 - Stored XSS in Prime Slider – Addons For Elementor (Pagepiling Widget) – Exploit Analysis
A critical Stored Cross-Site Scripting (XSS) vulnerability has been discovered in the popular WordPress plugin Prime Slider – Addons For Elementor. Registered under CVE-2024-
CVE-2024-4378 - How WordPress Premium Addons for Elementor Plugin’s Menu & Shape Widgets Open Doors for Stored XSS Attacks
Date: June 2024
Severity: Medium–High
Affected Plugin: Premium Addons for Elementor
Vulnerable Versions: up to and including 4.10.30
Exploit Type: Stored Cross-
Episode
00:00:00
00:00:00