CVE-2024-4378 - How WordPress Premium Addons for Elementor Plugin’s Menu & Shape Widgets Open Doors for Stored XSS Attacks
Date: June 2024
Severity: Medium–High
Affected Plugin: Premium Addons for Elementor
Vulnerable Versions: up to and including 4.10.30
Exploit Type: Stored Cross-Site
CVE-2024-1815 - Stored XSS in the Spectra – WordPress Gutenberg Blocks Plugin
CVE-2024-1815 is a serious security vulnerability that affects the popular WordPress plugin "Spectra – WordPress Gutenberg Blocks" (formerly known as Ultimate Addons for Gutenberg)
CVE-2024-1814 - How a Spectra WordPress Plugin Vulnerability Puts Your Site at Risk
WordPress is the engine behind millions of websites, and its plugins like Spectra (formerly called Ultimate Addons for Gutenberg) help users create rich pages without
CVE-2024-5165 - Critical XSS Vulnerabilities in Eclipse Ditto’s User Interface
Eclipse Ditto is a widely used open-source framework that helps you build digital twins for IoT (Internet of Things) applications. But between versions 3.. and
CVE-2024-2861 - Exploiting Stored XSS in ProfilePress WordPress Plugin (v4.15.8 and Below)
In the first half of 2024, a critical vulnerability—CVE-2024-2861—was discovered in the popular ProfilePress plugin for WordPress. If you’re running a site
Episode
00:00:00
00:00:00