All the vulnerabilites related to webtechstreet - Elementor Addon Elements
cve-2024-1393
Vulnerability from cvelistv5
Published
2024-03-13 15:27
Modified
2024-08-01 18:40
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'icon_align' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1393", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-15T13:53:59.955579Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:01:28.212Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:40:20.532Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb0888d6-30e6-4957-b270-1968eace462e?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/content-switcher/skins/skin-3.php#L39" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/content-switcher/skins/skin-3.php#L39" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Mdr001" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027icon_align\u0027 attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-13T15:27:12.194Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb0888d6-30e6-4957-b270-1968eace462e?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/content-switcher/skins/skin-3.php#L39" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/content-switcher/skins/skin-3.php#L39" } ], "timeline": [ { "lang": "en", "time": "2024-02-21T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1393", "datePublished": "2024-03-13T15:27:12.194Z", "dateReserved": "2024-02-08T23:42:35.706Z", "dateUpdated": "2024-08-01T18:40:20.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4570
Vulnerability from cvelistv5
Published
2024-06-27 04:04
Modified
2024-08-01 20:47
Severity ?
EPSS score ?
Summary
Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-4570", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-27T13:15:26.577270Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-27T13:15:41.671Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:47:40.919Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab5f43c0-83d3-4d09-becd-a3552bebd609?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13.4/classes/helper.php#L232" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3107074/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.5", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter in versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-27T04:04:32.934Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab5f43c0-83d3-4d09-becd-a3552bebd609?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13.4/classes/helper.php#L232" }, { "url": "https://plugins.trac.wordpress.org/changeset/3107074/" } ], "timeline": [ { "lang": "en", "time": "2024-06-26T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Elementor Addon Elements \u003c= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-4570", "datePublished": "2024-06-27T04:04:32.934Z", "dateReserved": "2024-05-06T19:59:19.702Z", "dateUpdated": "2024-08-01T20:47:40.919Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-7122
Vulnerability from cvelistv5
Published
2024-08-30 09:29
Modified
2024-08-30 13:26
Severity ?
EPSS score ?
Summary
Elementor Addon Elements <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-7122", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T13:26:26.401021Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T13:26:42.104Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.6", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Craig Smith" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-30T09:29:48.121Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/668621b0-67ef-44fc-a126-e8c4e372666e?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/assets/js/eae.js#L568" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/text-separator/widgets/text-separator.php#L570" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/animated-gradient/module.php#L160" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/image-compare/widgets/image-compare.php#L537" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/dual-button/widgets/dual-button.php#L1045" }, { "url": "https://wordpress.org/plugins/addon-elements-for-elementor-page-builder/#developers" }, { "url": "https://plugins.trac.wordpress.org/changeset/3143440/" }, { "url": "https://plugins.trac.wordpress.org/changeset/3143444/" } ], "timeline": [ { "lang": "en", "time": "2024-08-29T20:31:53.000+00:00", "value": "Disclosed" } ], "title": "Elementor Addon Elements \u003c= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-7122", "datePublished": "2024-08-30T09:29:48.121Z", "dateReserved": "2024-07-25T23:37:22.599Z", "dateUpdated": "2024-08-30T13:26:42.104Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2092
Vulnerability from cvelistv5
Published
2024-06-12 09:33
Modified
2024-08-01 19:03
Severity ?
EPSS score ?
Summary
Elementor Addon Elements <= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-2092", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T19:28:34.326994Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T19:28:39.872Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:03:38.915Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67790c0b-c078-4955-a175-977a695392fc?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/twitter/widgets/twitter.php#L712" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=3058768%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.3", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s Twitter Widget in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-12T09:33:12.508Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67790c0b-c078-4955-a175-977a695392fc?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/twitter/widgets/twitter.php#L712" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=3058768%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2024-06-11T20:53:36.000+00:00", "value": "Disclosed" } ], "title": "Elementor Addon Elements \u003c= 1.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Widget" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-2092", "datePublished": "2024-06-12T09:33:12.508Z", "dateReserved": "2024-03-01T15:27:37.269Z", "dateUpdated": "2024-08-01T19:03:38.915Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1358
Vulnerability from cvelistv5
Published
2024-03-13 15:26
Modified
2024-08-08 20:19
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T18:33:25.444Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:wpvibes:anywhere_elementor:*:*:*:*:*:wordpress:*:*" ], "defaultStatus": "unaffected", "product": "anywhere_elementor", "vendor": "wpvibes", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-1358", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-03-13T20:07:35.647535Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-08T20:19:03.701Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information." } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-13T15:26:37.292Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89" } ], "timeline": [ { "lang": "en", "time": "2024-02-21T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1358", "datePublished": "2024-03-13T15:26:37.292Z", "dateReserved": "2024-02-08T18:18:46.714Z", "dateUpdated": "2024-08-08T20:19:03.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0834
Vulnerability from cvelistv5
Published
2024-02-05 21:21
Modified
2024-08-01 18:18
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-0834", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-07T16:12:52.654629Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-27T20:57:00.162Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:18:18.723Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ebb5654-ba3e-4f18-8720-a6595a771964?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/price-table/widgets/price-table.php#L784" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3031349%40addon-elements-for-elementor-page-builder\u0026new=3031349%40addon-elements-for-elementor-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "status": "affected", "version": "1.12.11" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Craig Smith" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-05T21:21:47.156Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ebb5654-ba3e-4f18-8720-a6595a771964?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/price-table/widgets/price-table.php#L784" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3031349%40addon-elements-for-elementor-page-builder\u0026new=3031349%40addon-elements-for-elementor-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2024-02-05T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-0834", "datePublished": "2024-02-05T21:21:47.156Z", "dateReserved": "2024-01-23T18:30:41.506Z", "dateUpdated": "2024-08-01T18:18:18.723Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1392
Vulnerability from cvelistv5
Published
2024-03-13 15:26
Modified
2024-08-01 18:40
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button1_icon' attribute of the Dual Button widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:webtechstreet:elementor_addon_elements:-:*:*:*:*:wordpress:*:*" ], "defaultStatus": "unknown", "product": "elementor_addon_elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-1392", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-13T17:43:14.068678Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-24T14:55:40.776Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:40:20.396Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33d7dc4d-bb41-456a-bd1a-37d8f2aada30?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/dual-button/widgets/dual-button.php#L885" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/dual-button/widgets/dual-button.php#L885" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Maxuel" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027button1_icon\u0027 attribute of the Dual Button widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-13T15:26:41.744Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33d7dc4d-bb41-456a-bd1a-37d8f2aada30?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/dual-button/widgets/dual-button.php#L885" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/dual-button/widgets/dual-button.php#L885" } ], "timeline": [ { "lang": "en", "time": "2024-02-21T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1392", "datePublished": "2024-03-13T15:26:41.744Z", "dateReserved": "2024-02-08T22:59:33.082Z", "dateUpdated": "2024-08-01T18:40:20.396Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4401
Vulnerability from cvelistv5
Published
2024-08-30 03:24
Modified
2024-08-30 14:06
Severity ?
EPSS score ?
Summary
Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-4401", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T14:00:53.871092Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T14:06:23.738Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.5", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Matthew Rollings" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018id\u2019 and \u0027eae_slider_animation\u0027 parameters in all versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-30T03:24:16.982Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ecfc1466-41d2-498b-8210-c67e8550f5b8?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/animated-text/widgets/animated-text.php#L358" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/bg-slider/module.php#L284" }, { "url": "https://plugins.trac.wordpress.org/changeset/3107074#file6" }, { "url": "https://plugins.trac.wordpress.org/changeset/3107074#file7" } ], "timeline": [ { "lang": "en", "time": "2024-08-29T14:38:46.000+00:00", "value": "Disclosed" } ], "title": "Elementor Addon Elements \u003c= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via id and eae_slider_animation Parameters" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-4401", "datePublished": "2024-08-30T03:24:16.982Z", "dateReserved": "2024-05-01T19:15:06.673Z", "dateUpdated": "2024-08-30T14:06:23.738Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1391
Vulnerability from cvelistv5
Published
2024-03-13 15:27
Modified
2024-08-01 18:40
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eae_custom_overlay_switcher’ attribute of the Thumbnail Slider widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1391", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-13T18:24:03.639751Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:59:52.227Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:40:20.574Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/977bab12-969d-4b15-9942-2b17c8541f61?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/bg-slider/module.php#L255" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/bg-slider/module.php#L255" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018eae_custom_overlay_switcher\u2019 attribute of the Thumbnail Slider widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-13T15:27:06.944Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/977bab12-969d-4b15-9942-2b17c8541f61?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/bg-slider/module.php#L255" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/bg-slider/module.php#L255" } ], "timeline": [ { "lang": "en", "time": "2024-02-21T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1391", "datePublished": "2024-03-13T15:27:06.944Z", "dateReserved": "2024-02-08T22:33:40.171Z", "dateUpdated": "2024-08-01T18:40:20.574Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3743
Vulnerability from cvelistv5
Published
2024-05-02 16:52
Modified
2024-08-01 20:20
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-3743", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-02T20:16:06.291297Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:31:44.931Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:20:01.037Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f36fea15-0475-45ee-b913-790db6373aef?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/bg-slider/module.php#L269" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/shapes/triangle-bottom-right.php#L1" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/content-switcher/skins/skin-3.php#L43" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/info-circle/skins/skin-base.php#L154" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/timeline/skins/skin-base.php#L1363" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3078419%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.3", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Matthew Rollings" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets in all versions up to, and including, 1.13.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-02T16:52:50.968Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f36fea15-0475-45ee-b913-790db6373aef?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/bg-slider/module.php#L269" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/shapes/triangle-bottom-right.php#L1" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/content-switcher/skins/skin-3.php#L43" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/info-circle/skins/skin-base.php#L154" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/timeline/skins/skin-base.php#L1363" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3078419%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2024-04-29T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-3743", "datePublished": "2024-05-02T16:52:50.968Z", "dateReserved": "2024-04-12T19:53:27.335Z", "dateUpdated": "2024-08-01T20:20:01.037Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4689
Vulnerability from cvelistv5
Published
2023-11-15 22:32
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eae_save_elements function. This makes it possible for unauthenticated attackers to enable/disable elementor addon elements via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/472cdbc4-3bfa-4254-b35a-be7ae10782e6?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L46" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.7", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Marco Wotschka" }, { "lang": "en", "type": "finder", "value": "Paolo Tresso" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eae_save_elements function. This makes it possible for unauthenticated attackers to enable/disable elementor addon elements via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-15T22:32:28.680Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/472cdbc4-3bfa-4254-b35a-be7ae10782e6?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L46" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "timeline": [ { "lang": "en", "time": "2023-08-31T00:00:00.000+00:00", "value": "Discovered" }, { "lang": "en", "time": "2023-11-15T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-4689", "datePublished": "2023-11-15T22:32:28.680Z", "dateReserved": "2023-08-31T20:29:21.039Z", "dateUpdated": "2024-08-02T07:37:59.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1422
Vulnerability from cvelistv5
Published
2024-03-13 15:26
Modified
2024-08-01 18:40
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget's effect setting in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:webtechstreet:elementor_addon_elements:-:*:*:*:*:wordpress:*:*" ], "defaultStatus": "unknown", "product": "elementor_addon_elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-1422", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-13T17:59:21.439461Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-24T14:53:51.704Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:40:21.223Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ba28184-b5c3-4a5c-a376-29b3c6a2aa20?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1048" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1062" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3037925%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=3031349%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file26" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.12", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Craig Smith" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget\u0027s effect setting in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-13T15:26:47.854Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ba28184-b5c3-4a5c-a376-29b3c6a2aa20?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1048" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1062" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3037925%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=3031349%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file26" } ], "timeline": [ { "lang": "en", "time": "2024-02-21T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1422", "datePublished": "2024-03-13T15:26:47.854Z", "dateReserved": "2024-02-09T20:55:32.314Z", "dateUpdated": "2024-08-01T18:40:21.223Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2792
Vulnerability from cvelistv5
Published
2024-04-09 18:59
Modified
2024-08-01 19:25
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in all versions up to, and including, 1.13.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-2792", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-25T18:48:27.573657Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-25T18:48:34.905Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:25:41.838Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dcc5a611-23bf-499e-8141-684458d9ce3b?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13#modules/image-compare/widgets" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/image-compare/widgets/image-compare.php#L508" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/image-compare/widgets/image-compare.php#L521" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3058768%40addon-elements-for-elementor-page-builder\u0026new=3058768%40addon-elements-for-elementor-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.2", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in all versions up to, and including, 1.13.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-09T18:59:27.627Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dcc5a611-23bf-499e-8141-684458d9ce3b?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13#modules/image-compare/widgets" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/image-compare/widgets/image-compare.php#L508" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/image-compare/widgets/image-compare.php#L521" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3058768%40addon-elements-for-elementor-page-builder\u0026new=3058768%40addon-elements-for-elementor-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2024-03-27T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-2792", "datePublished": "2024-04-09T18:59:27.627Z", "dateReserved": "2024-03-21T17:23:37.571Z", "dateUpdated": "2024-08-01T19:25:41.838Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4974
Vulnerability from cvelistv5
Published
2024-10-16 06:43
Modified
2024-10-16 18:06
Severity ?
EPSS score ?
Summary
Freemius SDK <= 2.4.2 - Missing Authorization Checks
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-4974", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-16T15:31:15.730919Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-16T18:06:13.377Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "YASR \u2013 Yet Another Star Rating Plugin for WordPress", "vendor": "paretodigital", "versions": [ { "lessThan": "2.0.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Events Addon for Elementor", "vendor": "nicheaddons", "versions": [ { "lessThan": "1.9.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Fraud Prevention For WooCommerce and EDD", "vendor": "dots", "versions": [ { "lessThan": "2.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Gutenberg Blocks \u2013 ACF Blocks Suite", "vendor": "wpengine", "versions": [ { "lessThan": "2.6.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultimeter", "vendor": "bouncingsprout", "versions": [ { "lessThan": "2.7.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Past Events Extension", "vendor": "toddhalfpenny", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Pootle Pagebuilder \u2013 WordPress Page builder", "vendor": "pootlepress", "versions": [ { "lessThan": "5.7.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Local Delivery Drivers for WooCommerce", "vendor": "powerfulwp", "versions": [ { "lessThan": "1.8.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Gutenberg \u2013 Custom Block Templates", "vendor": "kkikuchi1220", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Required Taxonomies \u2013 Categories and Tags Mandatory", "vendor": "josevega", "versions": [ { "lessThan": "1.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Featured Products First for WooCommerce \u2013 A Extension of WooCommerce (WooCommerce Addon Plugin)", "vendor": "pmbaldha", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "SSL Certificate \u2013 Free SSL, HTTPS by SSL Zen", "vendor": "sslzen", "versions": [ { "lessThanOrEqual": "4.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Streak CRM For Gmail For Contact Form 7 \u2013 WordPress Plugin", "vendor": "wisersteps", "versions": [ { "lessThan": "1.0.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Dev Powers \u2013 ACF Color Coded Field Types Plugin", "vendor": "wpdevpowers", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "DancePress (TRWA)", "vendor": "benmoreassynt", "versions": [ { "lessThanOrEqual": "3.1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Product Size Charts Plugin for WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "2.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Wp My Admin Bar", "vendor": "tribalnerd", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "A no-code page builder for beautiful performance-based content", "vendor": "setka", "versions": [ { "lessThan": "2.1.17", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "LocalSEOMap", "vendor": "mikebels", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Easy Prayer", "vendor": "cromer12", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "AdFoxly \u2013 Ad Manager, AdSense Ads \u0026 Ads.txt", "vendor": "rafalosinski", "versions": [ { "lessThanOrEqual": "1.8.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Get Personal", "vendor": "stevehenty", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Checkout with Cash App on EDD", "vendor": "theafricanboss/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Server Info", "vendor": "usmanaliqureshi", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Custom WooCommerce Checkout Fields Editor", "vendor": "themelocation", "versions": [ { "lessThanOrEqual": "1.2.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "KRSP Frontend File Uploader", "vendor": "krsp", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Panorama Viewer- Best Plugin to Display Panoramic Images/Videos", "vendor": "bplugins", "versions": [ { "lessThan": "1.0.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Bulk Attachment Download", "vendor": "janwyl", "versions": [ { "lessThan": "1.3.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "AutoSave Net", "vendor": "majick", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Wholesale Pricing for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "1.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Any Popup \u2013 Popup Forms, Optins \u0026 Ads", "vendor": "jcodex", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Checkout with Venmo on EDD", "vendor": "theafricanboss/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Payment gateway per Product for WooCommerce", "vendor": "dreamfox", "versions": [ { "lessThan": "3.1.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "HQTheme Extra", "vendor": "hqtheme", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Vit Website Reviews", "vendor": "vincoit", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce EU VAT Assistant", "vendor": "daigo75", "versions": [ { "lessThan": "2.0.28.220224", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Slider Block Gutenslider", "vendor": "eedee", "versions": [ { "lessThan": "5.7.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "HuCommerce | Magyar WooCommerce kieg\u00e9sz\u00edt\u00e9sek", "vendor": "surbma", "versions": [ { "lessThan": "30.3.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "KVoucher", "vendor": "lostboy7", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Video Player for YouTube", "vendor": "bplugins", "versions": [ { "lessThan": "1.5.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Error Log Monitor", "vendor": "whiteshadow", "versions": [ { "lessThan": "1.7.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SlideDeck: Responsive WordPress Slider Plugin", "vendor": "slidedeck", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Multi-currency for Woocommerce", "vendor": "premmerce", "versions": [ { "lessThan": "2.3.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Booking Addon for WooCommerce", "vendor": "mvvapps/", "versions": [ { "lessThan": "4.2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Event Partners \u2013 WordPress Plugin for Event and Conference Management", "vendor": "wpeventpartners/", "versions": [ { "lessThanOrEqual": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WC Shop Sync \u2013 Square Payment Gateway for WooCommerce, Inventory Sync Between Square and WooCommerce, Ultimate WooCommerce Square Plugin", "vendor": "wpexpertsio", "versions": [ { "lessThan": "4.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Add Expires Headers \u0026 Optimized Minify", "vendor": "passionatebrains", "versions": [ { "lessThan": "2.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "ForceField", "vendor": "majick", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "FIT: Featured Image Toolkit", "vendor": "richard-b", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "All in One Invite Codes", "vendor": "svenl77", "versions": [ { "lessThan": "1.0.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Dynamic Pricing and Discount Rules for WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "2.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Better Messages \u2013 Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss", "vendor": "wordplus", "versions": [ { "lessThan": "1.9.9.170", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Grid \u0026 Styler For Contact Form 7 And Divi", "vendor": "wpt00ls", "versions": [ { "lessThan": "1.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Protect Uploads with Login \u2013 Protect Your Uploads", "vendor": "protectyouruploads", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Atlas \u2013 Knowledge Base", "vendor": "sakurapixel", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Simple Sitemap \u2013 Create a Responsive HTML Sitemap", "vendor": "dgwyer", "versions": [ { "lessThan": "3.5.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Super Video Player- Best WordPress Video Display Plugin for mp4/OGG", "vendor": "bplugins", "versions": [ { "lessThan": "1.6.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Books Gallery", "vendor": "mhmrajib", "versions": [ { "lessThan": "3.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "FiboSearch \u2013 Ajax Search for WooCommerce", "vendor": "damian-gora", "versions": [ { "lessThan": "1.17.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Tag Groups is the Advanced Way to Display Your Taxonomy Terms", "vendor": "stevejburge", "versions": [ { "lessThan": "1.43.10.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS", "vendor": "prasadkirpekar", "versions": [ { "lessThan": "1.2.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "ClickerVolt \u2013 Affiliate Links \u0026 Click Tracking for Performance Marketers", "vendor": "clickervolt", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "ConsultPress Lite", "vendor": "proteusthemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Divi Forms Styler \u2013 Gravity Forms, Fluent Forms \u0026 Contact Form 7", "vendor": "badhonrocks", "versions": [ { "lessThan": "1.3.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "StreamWeasels Twitch Integration", "vendor": "streamweasels", "versions": [ { "lessThan": "1.3.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Mobile View for Responsive web design optimization (UX design) + Mobile Friendly Test", "vendor": "pagup", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Zip Code Redirect", "vendor": "paulio21", "versions": [ { "lessThanOrEqual": "4.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Guestofy \u2013 Restaurant Reservations Plugin, Room Planer, Reservation Form", "vendor": "vohotv/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "CF7 Constant Contact Fields Mapping", "vendor": "ahmed17", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Booking Calendar | Appointment Booking | Bookit", "vendor": "jack-kitterhing", "versions": [ { "lessThan": "2.2.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "EthereumICO", "vendor": "ethereumicoio", "versions": [ { "lessThan": "2.3.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "RT Easy Builder \u2013 Advanced addons for Elementor", "vendor": "risetheme", "versions": [ { "lessThanOrEqual": "1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Contact Slider", "vendor": "wpexpertsio", "versions": [ { "lessThan": "2.4.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Country Based Payments for WooCommerce", "vendor": "ivan_paulin", "versions": [ { "lessThan": "1.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Filr \u2013 Secure document library", "vendor": "patrickposner", "versions": [ { "lessThan": "1.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Elasta", "vendor": "nicheaddons", "versions": [ { "lessThan": "1.0.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "MapGeo \u2013 Interactive Geo Maps", "vendor": "carlosmoreirapt", "versions": [ { "lessThan": "1.5.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Animation Plugin \u2013 Animated Everything", "vendor": "galoover", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Notification Bell", "vendor": "wpdever", "versions": [ { "lessThan": "1.3.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Activity Log For MainWP", "vendor": "melapress", "versions": [ { "lessThan": "1.7.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Connected Sermons", "vendor": "oceas", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Bulk Edit and Create User Profiles \u2013 WP Sheet Editor", "vendor": "josevega", "versions": [ { "lessThan": "1.5.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "\u041a\u043d\u043e\u043f\u043a\u0430 \u042eMoney", "vendor": "milukove/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Bulk WooCommerce Category Creator", "vendor": "kartikparmar/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Easy Math Captcha for CF7", "vendor": "alphabposervice", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Master Accordion ( Former WP Awesome FAQ Plugin )", "vendor": "litonice13", "versions": [ { "lessThan": "4.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Better Elementor Addons", "vendor": "kitforest", "versions": [ { "lessThan": "1.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Elementor Addons by Livemesh", "vendor": "livemesh", "versions": [ { "lessThan": "7.1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Place Order Without Payment for WooCommerce", "vendor": "nitin247", "versions": [ { "lessThan": "2.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "STEWoo \u2013 Super Transactional Emails for WooCommerce", "vendor": "boriscolombier/", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "DeMomentSomTres Address", "vendor": "marcqueralt", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Out of stock display for woocommerce", "vendor": "johnc1979", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Blocks \u2013 WordPress Blocks Plugin", "vendor": "ultimateblocks", "versions": [ { "lessThan": "2.4.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Bulk Auto Image Title Attribute (Image Title tag) optimizer (Image SEO)", "vendor": "pagup", "versions": [ { "lessThan": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Radio \u2013 Worldwide Online Radio Stations Directory for WordPress", "vendor": "princeahmed", "versions": [ { "lessThan": "3.1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "BookPress \u2013 For Book Authors", "vendor": "blackandwhitedigital", "versions": [ { "lessThan": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Qyrr \u2013 simply and modern QR-Code creation", "vendor": "patrickposner", "versions": [ { "lessThan": "0.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Directory Plugin For Business Listings \u2013 WP Local Plus", "vendor": "wpeka-club", "versions": [ { "lessThan": "1.4.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Equalize Digital Accessibility Checker \u2013 Audit Your Website for WCAG, ADA, and Section 508 Accessibility Errors", "vendor": "equalizedigital", "versions": [ { "lessThan": "1.2.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Funnelmentals", "vendor": "therealwebdisrupt", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Blockspare: Gutenberg Blocks \u0026 Patterns for Blogs, Magazines, Business Sites \u2013 Post Grids, Sliders, Carousels, Counters, Page Builder \u0026 Starter Site Imports, No Coding Needed", "vendor": "blockspare", "versions": [ { "lessThan": "2.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook", "vendor": "nasirahmed", "versions": [ { "lessThan": "1.1.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Product Carousel For WooCommerce \u2013 WoorouSell", "vendor": "mojofywp", "versions": [ { "lessThan": "1.0.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Robots.txt optimizer (+ XML Sitemap) \u2013 Boost SEO, Traffic \u0026 Rankings", "vendor": "pagup", "versions": [ { "lessThan": "1.4.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "GFireM Fields", "vendor": "gfirem", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Coupon Affiliates \u2013 Affiliate Plugin for WooCommerce", "vendor": "elliotvs", "versions": [ { "lessThan": "4.16.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Post Block", "vendor": "dipcode", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "LMS Plugin \u2013 eLearning, Online Courses by Attest", "vendor": "attest", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Frontend Admin by DynamiApps", "vendor": "shabti", "versions": [ { "lessThan": "3.3.33", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Simple Giveaways \u2013 Grow your business, email lists and traffic with contests", "vendor": "ibenic", "versions": [ { "lessThan": "2.42.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WPTools Masonry Gallery \u0026 Posts For Divi", "vendor": "wpt00ls", "versions": [ { "lessThan": "3.1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "GFireM Action After", "vendor": "gfirem", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Woo Ukrposhta", "vendor": "bandido", "versions": [ { "lessThan": "1.6.18", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "annasta Woocommerce Product Filters", "vendor": "annastaa", "versions": [ { "lessThan": "1.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Lead Stream", "vendor": "tprintyedisonave", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "The Events Calendar", "vendor": "theeventscalendar", "versions": [ { "lessThan": "5.14.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Focus on Reviews for WooCommerce", "vendor": "johnc1979", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Email Tracker \u2013 Email Tracking Plugin to track Emails for Open and Email Links Click (Compatible with WooCommerce)", "vendor": "pmbaldha", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Block Styler For Gravity Forms", "vendor": "wpt00ls", "versions": [ { "lessThanOrEqual": "6.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Page Templates", "vendor": "josevega", "versions": [ { "lessThan": "1.1.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Product Customer List for WooCommerce", "vendor": "kokomoweb", "versions": [ { "lessThan": "3.0.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Moose", "vendor": "wpmoose", "versions": [ { "lessThan": "1.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Team Members \u2013 A WordPress Team Plugin with Gallery, Grid, Carousel, Slider, Table, List, and More", "vendor": "samdani", "versions": [ { "lessThan": "1.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Floating Social Share Icons and Social Share buttons \u2013 Next Previous Post Links \u2013 FL", "vendor": "jwebsol", "versions": [ { "lessThan": "3.6.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "South Pole: Climate action now", "vendor": "co2ok", "versions": [ { "lessThan": "1.0.2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "LittleBot Invoices", "vendor": "jwind", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Genealogical Tree \u2013 WordPress Family Tree", "vendor": "akdevs", "versions": [ { "lessThanOrEqual": "2.1.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Automatic YouTube Gallery", "vendor": "plugins360", "versions": [ { "lessThan": "1.6.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Thank You Page for WooCommerce", "vendor": "nitin247", "versions": [ { "lessThan": "3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Marijuana Age Verify", "vendor": "5starplugins", "versions": [ { "lessThan": "1.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce upcoming Products", "vendor": "skshaikat", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Frontend Admin \u2013 Add and edit posts, pages, users and more all from the frontend", "vendor": "shabti", "versions": [ { "lessThan": "3.3.33", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SV Tracking Manager", "vendor": "matthias-reuter", "versions": [ { "lessThan": "1.8.02", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP EasyPay \u2013 Square for WordPress", "vendor": "wpexpertsio", "versions": [ { "lessThan": "4.0.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress SEO Checklist", "vendor": "flexithemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "wGauge \u2013 Free Version", "vendor": "wgauge", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Prime Slider \u2013 Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)", "vendor": "bdthemes", "versions": [ { "lessThan": "2.7.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Post Form \u2013 Registration Form \u2013 Profile Form for User Profiles \u2013 Frontend Content Forms for User Submissions (UGC)", "vendor": "svenl77", "versions": [ { "lessThan": "2.6.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Tools Divi Product Carousel", "vendor": "wpt00ls", "versions": [ { "lessThan": "1.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Guest posting / Frontend Posting wordpress plugin \u2013 WP Front User Submit / Front Editor", "vendor": "aharonyan", "versions": [ { "lessThan": "3.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Social Gallery Lite", "vendor": "woodyhayday", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Stackable \u2013 Page Builder Gutenberg Blocks", "vendor": "bfintal", "versions": [ { "lessThan": "3.1.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Five-Star Ratings Shortcode", "vendor": "seezee", "versions": [ { "lessThan": "1.2.39", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CAPTCHA 4WP \u2013 Antispam CAPTCHA solution for WordPress", "vendor": "melapress", "versions": [ { "lessThan": "7.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Wishlist for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "1.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Salon Booking System", "vendor": "wordpresschef", "versions": [ { "lessThan": "7.6.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Surbma | GDPR Proof Cookie Consent \u0026 Notice Bar", "vendor": "surbma", "versions": [ { "lessThan": "17.5.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Advance Menu Manager", "vendor": "dots", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Live TV Player \u2013 Worldwide Live TV Channels Player for WordPress", "vendor": "princeahmed", "versions": [ { "lessThan": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Market Exporter", "vendor": "vanyukov", "versions": [ { "lessThanOrEqual": "2.0.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Adminify \u2013 Custom WordPress Dashboard, Login and Admin Customizer", "vendor": "litonice13", "versions": [ { "lessThan": "2.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "TK Google Fonts GDPR Compliant", "vendor": "svenl77", "versions": [ { "lessThan": "2.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Starfish Review Generation \u0026 Marketing for WordPress", "vendor": "starfishwp", "versions": [ { "lessThan": "3.0.26", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Emaily", "vendor": "halmat", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Education Addon for Elementor", "vendor": "nicheaddons", "versions": [ { "lessThan": "1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SV Proven Expert", "vendor": "matthias-reuter", "versions": [ { "lessThan": "1.8.01", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SurveyFunnel \u2013 Survey Plugin for WordPress", "vendor": "wpeka-club", "versions": [ { "lessThan": "1.1.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Advanced Classifieds \u0026 Directory Pro", "vendor": "pluginsware", "versions": [ { "lessThan": "1.8.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Music Player for Elementor \u2013 Audio Player \u0026 Podcast Player", "vendor": "smartwpress", "versions": [ { "lessThan": "1.5.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Cryptocurrency Product for WooCommerce", "vendor": "ethereumicoio", "versions": [ { "lessThan": "3.14.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Next Order Coupon", "vendor": "kenanfallon", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Overlay Image Divi Module", "vendor": "themeythemes", "versions": [ { "lessThan": "1.3.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Email Header Footer", "vendor": "pmbaldha", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Document Viewer- Plugin to Display MS Office Docs", "vendor": "bplugins", "versions": [ { "lessThan": "2.2.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Price Bands for WooCommerce", "vendor": "nplugins", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThan": "1.11.14", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Smart Variations Images \u0026 Swatches for WooCommerce", "vendor": "drosendo", "versions": [ { "lessThan": "5.1.10", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Featured Images in RSS for Mailchimp \u0026 More", "vendor": "5starplugins", "versions": [ { "lessThan": "1.5.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Simple Sponsorships", "vendor": "ibenic", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Unlimited Elements For Elementor (Free Widgets, Addons, Templates)", "vendor": "unitecms", "versions": [ { "lessThan": "1.5.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Joli Table Of Contents", "vendor": "wpjoli", "versions": [ { "lessThan": "1.3.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Sparrow: Product Reviews and Ratings for WooCommerce", "vendor": "getsparrow", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Multi Page Auto Advance for Gravity Forms", "vendor": "zerozendesign", "versions": [ { "lessThan": "4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Generate Images \u2013 Magic Post Thumbnail", "vendor": "mcurly", "versions": [ { "lessThan": "3.3.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Live Scores for SportsPress", "vendor": "ibenic", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Hide Shipping Method For WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "1.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Carousel For Divi", "vendor": "wpt00ls", "versions": [ { "lessThan": "4.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Meta and Date Remover", "vendor": "prasadkirpekar", "versions": [ { "lessThan": "1.9.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Image Carousel For Divi", "vendor": "wpt00ls", "versions": [ { "lessThan": "1.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Comments Not Replied To", "vendor": "dudo", "versions": [ { "lessThan": "1.5.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Contact Form 7 \u2013 Capsule CRM \u2013 Integration", "vendor": "wisersteps", "versions": [ { "lessThan": "1.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Opensea", "vendor": "alexmoss", "versions": [ { "lessThan": "1.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Translation plugin for Post, Pages \u0026 WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator.", "vendor": "tranzly", "versions": [ { "lessThan": "1.1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Pixel Manager for WooCommerce \u2013 Track Google Analytics, Google Ads, TikTok and more", "vendor": "alekv", "versions": [ { "lessThan": "1.14.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Modern Addons for Elementor Page Builder", "vendor": "gowebsmarty", "versions": [ { "lessThan": "1.2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Viralike", "vendor": "themesei", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Dev Powers \u2013 Element Selector jQuery Powers Plugin", "vendor": "wpdevpowers", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Munich Blocks \u2013 Gutenberg Blocks for WordPress", "vendor": "wpmunich", "versions": [ { "lessThan": "0.11.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Availability datepicker \u2013 Integrate with Contact Form 7 and Divi", "vendor": "inputwp", "versions": [ { "lessThanOrEqual": "2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Footer Plugin for Divi", "vendor": "diviframework", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Accept Stripe Donation and Payments \u2013 AidWP", "vendor": "mhmrajib", "versions": [ { "lessThan": "2.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "New User Approve", "vendor": "wpexpertsio", "versions": [ { "lessThan": "2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "GFireM Advance Search", "vendor": "gfirem", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WPMailer \u2013 The best mail builder, No More Core for your emails support Elementor, CF7 forms etc\u2026", "vendor": "giladtakoni", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Shared Files \u2013 Frontend File Upload Form \u0026 Secure File Sharing", "vendor": "anssilaitila", "versions": [ { "lessThan": "1.6.72", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WPBITS Addons For Elementor Page Builder", "vendor": "wpbits", "versions": [ { "lessThan": "1.3.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Speculor", "vendor": "prelc", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Google Street View (with 360\u00b0 virtual tour) \u0026 Google maps + Local SEO", "vendor": "pagup", "versions": [ { "lessThan": "1.0.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Everse Starter Sites \u2013 Elementor Templates", "vendor": "deothemes", "versions": [ { "lessThan": "1.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Master Addons \u2013 Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, \u0026 Animations", "vendor": "litonice13", "versions": [ { "lessThan": "1.8.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Choice Payment Gateway for WooCommerce", "vendor": "versacomp", "versions": [ { "lessThan": "2.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Domain Mapping System | Create Microsites with Multiple Alias Domains (multisite optional)", "vendor": "brandonfire", "versions": [ { "lessThan": "1.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Order and Inventory Manager for WooCommerce", "vendor": "stylingwebben", "versions": [ { "lessThan": "1.4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ninja Libs Amazon SES", "vendor": "ninjalibs", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Delete All Comments of wordpress", "vendor": "royalnavneet", "versions": [ { "lessThan": "4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP-Cron Status Checker", "vendor": "webheadllc", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CodeKit \u2013 Custom Codes Editor", "vendor": "bilaltas", "versions": [ { "lessThan": "2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justified, Masonry \u0026 Carousel", "vendor": "bradvin", "versions": [ { "lessThan": "2.1.34", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Change Price Title for WooCommerce", "vendor": "kartikparmar", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Gallery Plugin \u2013 Edge Photo Gallery", "vendor": "edgegalleryplugin", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Glorious Services \u0026 Support", "vendor": "gloriousthemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Easy Newsletter Signups", "vendor": "alphabposervice", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Announcement \u0026 Notification Banner \u2013 Bulletin", "vendor": "mikewire_rocksolid", "versions": [ { "lessThan": "3.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Advanced Database Replacer", "vendor": "dam6pl", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Multisite Robots.txt Manager", "vendor": "tribalnerd", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Simple Social Page Widget \u0026 Shortcode", "vendor": "irkanu", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Country Catalogs \u2013 Product Country Restrictions", "vendor": "josevega", "versions": [ { "lessThan": "1.13.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Front End PM", "vendor": "shamim51", "versions": [ { "lessThan": "11.3.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Divi Modules Suite \u2013 Divi Sumo Lite", "vendor": "divisumo", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "XT Points \u0026 Rewards for WooCommerce", "vendor": "xplodedthemes", "versions": [ { "lessThan": "1.4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Widgets for WooCommerce Products on Elementor", "vendor": "themelocation", "versions": [ { "lessThan": "1.0.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Delivery for WooCommerce", "vendor": "popeating", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP SMS Plugin \u2013 WordPress SMS Two Factor Authentication \u2013 2FA, Two Factor, OTP SMS and Email", "vendor": "mohsinoffline", "versions": [ { "lessThan": "1.3.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Security Ninja \u2013 Secure Firewall \u0026 Secure Malware Scanner", "vendor": "cleverplugins", "versions": [ { "lessThan": "5.135", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "TinyMCE Annotate", "vendor": "xyulex", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Justified Gallery", "vendor": "damian-gora", "versions": [ { "lessThan": "1.5.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Book BuyBack Prices", "vendor": "mberding", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Fuse Social Floating Sidebar", "vendor": "daniyalahmedk", "versions": [ { "lessThan": "5.4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP-HR Manager: The Human Resources Plugin for WordPress", "vendor": "wphrmanager", "versions": [ { "lessThan": "3.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Emails Blacklist for Everest Forms", "vendor": "smusman98", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "All-in-One Video Gallery", "vendor": "plugins360", "versions": [ { "lessThan": "2.5.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Woo Admin Product Notes", "vendor": "oloyede-jamiu", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Remove Add to Cart WooCommerce", "vendor": "themelocation", "versions": [ { "lessThan": "1.4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Checkout with Zelle on Woocommerce", "vendor": "theafricanboss", "versions": [ { "lessThan": "2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Tools Gravity Forms Divi Module", "vendor": "wpt00ls", "versions": [ { "lessThan": "6.6.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Everse", "vendor": "deothemes", "versions": [ { "lessThan": "1.8.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Run time Image resizing", "vendor": "commercepundit", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Rest Routes \u2013 Custom Endpoints for WordPress REST API", "vendor": "wp-making", "versions": [ { "lessThan": "4.24.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Widget for Contact form 7", "vendor": "olezhyk5", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Add Pinterest conversion tags for Pinterest Ads + Site verification", "vendor": "pagup", "versions": [ { "lessThan": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Spreadsheet Integration \u2013 Automate Google Sheets With WordPress, WooCommerce \u0026 Most Popular Form Plugins. Also, Display Google sheet as a Table.", "vendor": "javmah", "versions": [ { "lessThan": "3.6.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP BugBot", "vendor": "majick", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site", "vendor": "princeahmed", "versions": [ { "lessThan": "1.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Nokke", "vendor": "deothemes", "versions": [ { "lessThan": "1.0.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Customers Table: View, Search, Bulk Editor", "vendor": "josevega", "versions": [ { "lessThan": "1.0.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Sync eCommerce NEO", "vendor": "closemarketing/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Preloader for Divi", "vendor": "wpcohort", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Get Better Reviews for WooCommerce", "vendor": "tobias_conrad/", "versions": [ { "lessThanOrEqual": "3.0.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Knowledge Base documentation \u0026 wiki plugin \u2013 BasePress Docs", "vendor": "codesavory", "versions": [ { "lessThan": "2.15.14", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Appointment \u0026 Event Booking Calendar Plugin \u2013 Webba Booking", "vendor": "webba-agency", "versions": [ { "lessThan": "4.2.18", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Shuban", "vendor": "salttechno", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "ACF for WooCommerce Product", "vendor": "pmbaldha/", "versions": [ { "lessThan": "1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Scheduled Notification Bar", "vendor": "johnc1979", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "3D Viewer \u2013 3D Model Viewer Plugin", "vendor": "bplugins", "versions": [ { "lessThan": "1.2.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Fullscreen Menu", "vendor": "samuelsilvapt", "versions": [ { "lessThanOrEqual": "2.2.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Gallery PhotoBlocks", "vendor": "wpchill", "versions": [ { "lessThan": "1.2.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Redirection for Contact Form 7", "vendor": "themeisle", "versions": [ { "lessThan": "2.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "DeMomentSomTres Grid Archive", "vendor": "marcqueralt", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Inbound Brew", "vendor": "seancarrico", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Photo Effects", "vendor": "muhammad-rehman", "versions": [ { "lessThan": "1.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Top Bar \u2013 PopUps \u2013 by WPOptin", "vendor": "danish-ali", "versions": [ { "lessThanOrEqual": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Extra Fees Plugin for WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "3.8.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Reset Course Progress For LearnDash", "vendor": "ldninjas/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Podcast Box \u2013 Best Podcasting Plugin for WordPress", "vendor": "princeahmed", "versions": [ { "lessThan": "1.0.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "The best plugin for restrict content, support all Custom Post Types and Elementor \u2013 Password Protected", "vendor": "giladtakoni", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Turbo Widgets", "vendor": "toddhalfpenny", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Passster \u2013 Password Protect Pages and Content", "vendor": "patrickposner", "versions": [ { "lessThan": "3.5.5.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Gift Message for WooCommerce", "vendor": "powerfulwp", "versions": [ { "lessThan": "1.6.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "azw woocommerce file uploads", "vendor": "actuaryzask", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Blog Grid \u0026 Post Grid \u2013 Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry, Category Post Grid By News \u0026 Blog Designer Pack", "vendor": "infornweb", "versions": [ { "lessThan": "2.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Broadcast Lite", "vendor": "jburleigh1", "versions": [ { "lessThan": "2.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Notification Bar, Announcement and Cookie Notice WordPress Plugin \u2013 FooBar", "vendor": "bradvin", "versions": [ { "lessThan": "2.1.15", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Author Bio", "vendor": "penguininitiatives", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "RW Divi Unite Gallery", "vendor": "ahmed17", "versions": [ { "lessThanOrEqual": "1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Tablesome \u2013 Form DB \u0026 Automation \u2013 WPForms, Contact Form 7, Elementor, Forminator, Fluent, Gravity", "vendor": "essekia", "versions": [ { "lessThan": "0.6.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Product Image Watermark for Woo", "vendor": "wppluginexperts", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "AFI \u2013 The Easiest Integration Plugin", "vendor": "nasirahmed", "versions": [ { "lessThan": "1.49.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Revolution for Elementor", "vendor": "janthielemann", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "ConeBlog \u2013 Elementor Blog Widgets", "vendor": "wpconedev", "versions": [ { "lessThan": "1.4.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Under Construction", "vendor": "linekal", "versions": [ { "lessThan": "4.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Gratify", "vendor": "ekanath", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Automizy Gravity Forms", "vendor": "cmbibby/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Widgets on Pages", "vendor": "toddhalfpenny", "versions": [ { "lessThan": "1.6.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Get feedback from visitors \u2013 WP Feedback Suite Plugin", "vendor": "ggriesser", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Buffer \u2013 HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule", "vendor": "dejanmarkovic", "versions": [ { "lessThan": "2020.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Content Aware Sidebars \u2013 Fastest Widget Area Plugin", "vendor": "intoxstudio", "versions": [ { "lessThan": "3.17.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Bani", "vendor": "salttechno", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Fast WordPress", "vendor": "ggriesser", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "SKT Templates \u2013 100% free Elementor \u0026 Gutenberg templates", "vendor": "sonalsinha21", "versions": [ { "lessThan": "4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Categorify \u2013 WordPress Media Library Category \u0026 File Manager", "vendor": "frenify", "versions": [ { "lessThan": "1.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ivory Search \u2013 WordPress Search Plugin", "vendor": "vinod-dalvi", "versions": [ { "lessThan": "5.4.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Add Twitter Pixel for Twitter ads", "vendor": "pagup", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "XT Variation Swatches for WooCommerce", "vendor": "xplodedthemes", "versions": [ { "lessThan": "1.8.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "URL Shortify \u2013 Simple, Powerful and Easy URL Shortener Plugin For WordPress", "vendor": "kaizencoders", "versions": [ { "lessThan": "1.5.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Authorize.Net Payment Gateway For WooCommerce", "vendor": "mohsinoffline", "versions": [ { "lessThan": "5.1.27", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages", "vendor": "svenl77", "versions": [ { "lessThan": "3.4.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Affiliate Link Builder Plugin for Amazon Associates \u2013 Review Engine", "vendor": "cloudliving", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Glossary", "vendor": "mte90", "versions": [ { "lessThan": "2.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "BAVOKO SEO Tools \u2013 All-in-One WordPress SEO", "vendor": "bavokoservices", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Cartoon Url", "vendor": "foxmoon", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Frontend Admin \u2013 Display WP Admin Pages in the Frontend", "vendor": "josevega", "versions": [ { "lessThan": "1.17.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Block, Suspend, Report for BuddyPress", "vendor": "bouncingsprout", "versions": [ { "lessThan": "3.3.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Menu Image, Icons made easy", "vendor": "takanakui", "versions": [ { "lessThan": "3.0.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "XT Ajax Add To Cart for WooCommerce", "vendor": "xplodedthemes", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "One Click Login", "vendor": "bestpluginswordpress", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Ether and ERC20 tokens WooCommerce Payment Gateway", "vendor": "ethereumicoio", "versions": [ { "lessThan": "4.12.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Chat Button- Leads and Order over Chat", "vendor": "mvvapps/", "versions": [ { "lessThan": "1.6.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Shipping gateway per Product", "vendor": "dreamfox", "versions": [ { "lessThan": "2.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Purosa", "vendor": "deothemes", "versions": [ { "lessThan": "1.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Best Responsive Comparison Table for Gutenberg Editor \u2013 NicheTable", "vendor": "tauhidpro", "versions": [ { "lessThan": "2.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress", "vendor": "ankitmaru", "versions": [ { "lessThan": "6.0.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Sierra", "vendor": "themesty", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Digital Goods for WooCommerce Checkout", "vendor": "dots", "versions": [ { "lessThan": "3.6.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SEO Booster", "vendor": "cleverplugins", "versions": [ { "lessThan": "3.8.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Anti-Spam by Fullworks : GDPR Compliant Spam Protection", "vendor": "fullworks", "versions": [ { "lessThan": "1.3.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Widgets Light", "vendor": "khothemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Insert or Embed Articulate Content into WordPress", "vendor": "beeneeb", "versions": [ { "lessThan": "4.3000000016", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "APPExperts \u2013 Mobile App Builder for WordPress | WooCommerce to iOS and Android Apps", "vendor": "appexpertsio", "versions": [ { "lessThan": "1.2.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Post Kit Addons For Elementor \u2013 (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud)", "vendor": "bdthemes", "versions": [ { "lessThan": "2.9.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Caxton \u2013 Create Pro page layouts in Gutenberg", "vendor": "pootlepress", "versions": [ { "lessThan": "1.30.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Nitek Carousel Slider Cool Transitions", "vendor": "djenh", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Extend Filter Products By Price Widget", "vendor": "kartechify", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "BlockMeister \u2013 Block Pattern Builder", "vendor": "blockmeister", "versions": [ { "lessThan": "3.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Yatri Tools", "vendor": "mantrabrain", "versions": [ { "lessThan": "1.1.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Restrict \u2013 membership, site, content and user access restrictions for WordPress", "vendor": "tickera", "versions": [ { "lessThan": "2.1.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Change Prices with Time for WooCommerce", "vendor": "ibenic", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Flat Rate Shipping Plugin For WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "4.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Responsive Social Slider Widget", "vendor": "frostbourn", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Menu Item Scheduler", "vendor": "ahmed17", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Blog Sidebar Widget", "vendor": "avidthemes/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Multipurpose Gutenberg Block", "vendor": "dots", "versions": [ { "lessThanOrEqual": "1.7.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Full Page Blog Designer", "vendor": "codeies", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Variation Swatches for Products", "vendor": "jcodex", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Activity Log", "vendor": "melapress", "versions": [ { "lessThan": "4.4.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Simple Feature Requests Free \u2013 User Feedback Board", "vendor": "patrickgarman", "versions": [ { "lessThan": "2.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Bulk Edit Categories and Tags \u2013 Create Thousands Quickly on the Editor", "vendor": "josevega", "versions": [ { "lessThan": "1.5.23", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "License Manager for WooCommerce", "vendor": "wpexpertsio", "versions": [ { "lessThan": "2.2.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Sky Login Redirect", "vendor": "skyminds", "versions": [ { "lessThan": "3.6.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Google Analytics plugin for WordPress by GA4WP", "vendor": "passionatebrains", "versions": [ { "lessThan": "1.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Divi Collage", "vendor": "munirkamal", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Persistent Login", "vendor": "lukeseager", "versions": [ { "lessThan": "2.0.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Deals of the Day WooCommerce", "vendor": "themelocation", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Add Linkedin insight tags for Linkedin ads", "vendor": "pagup", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Easy Settings for LearnDash", "vendor": "maurolopes/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Share This Image", "vendor": "mihail-barinov", "versions": [ { "lessThan": "1.67", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Easy Social Feed \u2013 Social Photos Gallery \u2013 Post Feed \u2013 Like Box", "vendor": "sjaved", "versions": [ { "lessThan": "6.3.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "NEXUS", "vendor": "jamesparkninja", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Meridia", "vendor": "deothemes", "versions": [ { "lessThan": "2.2.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Webinar Solution: Create live/evergreen/automated/instant webinars, stream \u0026 Zoom Meetings | WebinarIgnition", "vendor": "tobias_conrad", "versions": [ { "lessThan": "2.8.12", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Delete old Posts automatically", "vendor": "wpmagics", "versions": [ { "lessThan": "2.1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Brand", "vendor": "maxsdesign", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WPBakery Page Builder Addons by Livemesh", "vendor": "livemesh", "versions": [ { "lessThan": "2.9.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Table Builder \u2013 WordPress Table Plugin", "vendor": "wptb", "versions": [ { "lessThan": "1.3.16", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Radio Player \u2013 Live Shoutcast, Icecast and Any Audio Stream Player for WordPress", "vendor": "princeahmed", "versions": [ { "lessThan": "1.0.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Divi Content Restrictor", "vendor": "wpt00ls", "versions": [ { "lessThanOrEqual": "1.3.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Logo Showcase \u2013 Responsive Logo Carousel, Logo Slider \u0026 Logo Grid", "vendor": "infornweb", "versions": [ { "lessThan": "2.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Variation Swatches for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "1.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Portfolio for Elementor \u0026 Image Gallery | PowerFolio", "vendor": "dotrex", "versions": [ { "lessThan": "2.1.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SSL Atlas \u2013 Free SSL Certificate \u0026 HTTPS Redirect for WordPress", "vendor": "sslatlas", "versions": [ { "lessThan": "1.1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery", "vendor": "gallerycreator", "versions": [ { "lessThan": "2.3.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Easy Tiktok Feed", "vendor": "maltathemes", "versions": [ { "lessThan": "1.1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "PopOverXYZ \u2013 Show Light Weight Beautiful Tool Tips On Any Text", "vendor": "webmuehle", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)", "vendor": "pagup", "versions": [ { "lessThan": "1.4.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Number Chat", "vendor": "wpcohort/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Rating-Widget: Star Review System", "vendor": "svovaf", "versions": [ { "lessThan": "3.1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Spotlight Social Feeds \u2013 Block, Shortcode, and Widget", "vendor": "rebelcode", "versions": [ { "lessThan": "0.10.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Expire tags", "vendor": "xyulex", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Go Viral \u2013 social share, social sharebar, social locker, social chat, open graph, reactions, share \u0026 view counters", "vendor": "gowebsmarty", "versions": [ { "lessThan": "1.8.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Design for Contact Form 7 Style WordPress Plugin \u2013 CF7 WOW Styler", "vendor": "tobias_conrad", "versions": [ { "lessThan": "1.4.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Dashy \u2013 Google Analytics advanced dashboard", "vendor": "tropicalista", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce User Roles", "vendor": "premmerce", "versions": [ { "lessThan": "1.0.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Radio Station by netmix\u00ae \u2013 Manage and play your Show Schedule in WordPress!", "vendor": "tonyzeoli", "versions": [ { "lessThan": "2.4.0.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "myCred \u2013 Loyalty Points and Rewards plugin for WordPress and WooCommerce \u2013 Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification", "vendor": "wpexpertsio", "versions": [ { "lessThan": "2.4.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress SEO Audit Plugin \u2013 WP Site Auditor", "vendor": "greenjaymedia", "versions": [ { "lessThan": "1.2.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Reviews by ReviewPress", "vendor": "hiddenpearls", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour Operator Software", "vendor": "wptravelengine", "versions": [ { "lessThan": "5.3.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Mobile Menu \u2013 The Mobile-Friendly Responsive Menu", "vendor": "takanakui", "versions": [ { "lessThan": "2.8.2.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Smart Export (Free)", "vendor": "sebet/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Free Booking Plugin for Hotels, Restaurants and Car Rentals \u2013 eaSYNC Booking", "vendor": "syntactics", "versions": [ { "lessThan": "1.1.10", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Conference Schedule", "vendor": "theeventscalendar", "versions": [ { "lessThan": "1.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Strumenti Partita IVA per Woocommerce", "vendor": "mte90", "versions": [ { "lessThan": "1.3.23", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Anfrageformular \u2013 Multi Step Drag \u0026 Drop Formular Builder \u2013 Leadgenerierung", "vendor": "anfrageformular", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Brands for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "1.2.12", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ethereum Wallet", "vendor": "ethereumicoio", "versions": [ { "lessThan": "4.0.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Limb Gallery | Create Beautiful Image \u0026 Video Galleries", "vendor": "limbcode", "versions": [ { "lessThan": "1.5.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Code Manager", "vendor": "peterschulznl", "versions": [ { "lessThan": "1.0.14", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Payment Gateway for PayFabric", "vendor": "cypressnorth", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "CP Simple Newsletter", "vendor": "commercepundit", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "LittleBot ACH for Stripe + Plaid", "vendor": "jwind", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Aquarella Lite", "vendor": "dotrex", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Coinbase Commerce \u2013 Crypto Gateway for WooCommerce", "vendor": "smusman98", "versions": [ { "lessThan": "1.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Villar", "vendor": "wpmoose", "versions": [ { "lessThan": "1.0.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Kikote \u2013 Location Picker at Checkout \u0026 Google Address AutoFill Plugin for WooCommerce", "vendor": "uriahs-victor", "versions": [ { "lessThan": "1.4.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Age Verification Screen for WooCommerce", "vendor": "meowcrew", "versions": [ { "lessThan": "1.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Enhanced Ecommerce Google Analytics for WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "3.6.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Joli FAQ SEO \u2013 WordPress FAQ Plugin", "vendor": "wpjoli", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Mass Pages/Posts Creator", "vendor": "dots", "versions": [ { "lessThan": "2.1.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Relevant Ads", "vendor": "sebet", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "GloriousThemes Starter Sites", "vendor": "gloriousthemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Group Promoter", "vendor": "oloyede-jamiu", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Airpress", "vendor": "chetmac", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Schema Plugin For Divi, Gutenberg \u0026 Shortcodes", "vendor": "wpt00ls", "versions": [ { "lessThanOrEqual": "4.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Giveaways for woocommerce", "vendor": "sindyakinsergei", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Custom Login Page Customizer", "vendor": "hiddenpearls", "versions": [ { "lessThan": "2.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "LearnMore", "vendor": "humblethemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "DeMomentSomTres Media Tools Auto", "vendor": "marcqueralt", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Ocean Extra", "vendor": "oceanwp", "versions": [ { "lessThan": "1.9.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "kk Star Ratings \u2013 Rate Post \u0026 Collect User Feedbacks", "vendor": "collizo4sky", "versions": [ { "lessThan": "5.2.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Drop Shadow Boxes", "vendor": "stevehenty", "versions": [ { "lessThan": "1.7.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "FAQ Manager For Divi, Gutenberg Block \u0026 Shortcode", "vendor": "wpt00ls", "versions": [ { "lessThan": "5.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ads.txt \u0026 App-ads.txt Manager for WordPress", "vendor": "pagup", "versions": [ { "lessThan": "1.1.7.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Quick Contact Form", "vendor": "fullworks", "versions": [ { "lessThan": "8.0.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Frontend Profile", "vendor": "glowlogix", "versions": [ { "lessThan": "1.2.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SVG Flags \u2013 Beautiful Scalable Flags For All Countries!", "vendor": "dgwyer", "versions": [ { "lessThan": "0.9.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Drip Feed Content Extended for Learndash", "vendor": "ldninjas/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Posts List Designer by Category \u2013 List Category Posts Or Recent Posts", "vendor": "infornweb", "versions": [ { "lessThan": "2.1.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Conversion de moneda Woocommerce", "vendor": "aguilerasoft", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "VidSEO | WordPress Video SEO embedder with transcripts (Youtube \u0026 Vimeo)", "vendor": "pagup", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Before and After Product Images for WooCommerce", "vendor": "nplugins", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Woocommerce Customer Reviews with Artificial Intelligence analyzis, with IBM Watson Tone Analyzer", "vendor": "renaudbod", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "LawPress \u2013 Law Firm Website Management", "vendor": "ivanchernyakov", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Shipping Method Display Style for WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "3.7.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Royal Elementor Addons and Templates", "vendor": "wproyal", "versions": [ { "lessThan": "1.3.33", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SQL Reporting Services \u2013 SSRS Plugin for WordPress", "vendor": "modulemasters", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Bulk Edit Posts and Products in Spreadsheet", "vendor": "josevega", "versions": [ { "lessThan": "2.24.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Delete Duplicate Posts", "vendor": "lkoudal", "versions": [ { "lessThan": "4.7.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WS Bootstrap", "vendor": "xjohnyk", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Clean Social Icons", "vendor": "meeplugins", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Media Library File Download", "vendor": "andyabelow", "versions": [ { "lessThan": "1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Link Bio", "vendor": "cadudecastroalves", "versions": [ { "lessThan": "1.4.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Internal Linking for SEO traffic \u0026 Ranking \u2013 Auto internal links (100% automatic)", "vendor": "pagup", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Geo Mashup", "vendor": "cyberhobo", "versions": [ { "lessThan": "1.13.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Builder for WooCommerce product reviews shortcodes \u2013 ReviewShort", "vendor": "tobias_conrad", "versions": [ { "lessThan": "1.0.17", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Contact List \u2013 Premium Staff Listing, Business Directory Plugin \u0026 Address Book", "vendor": "anssilaitila", "versions": [ { "lessThan": "2.9.50", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Post Snippets \u2013 Custom WordPress Code Snippets Customizer", "vendor": "wpexpertsio", "versions": [ { "lessThan": "3.1.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SocialMark \u2013 Easy Watermark/Logo on Social Media Post Link Share Preview", "vendor": "shawoninfo", "versions": [ { "lessThan": "2.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Print My Blog \u2013 Print, PDF, \u0026 eBook Converter WordPress Plugin", "vendor": "mnelson4", "versions": [ { "lessThan": "3.11.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Delicious \u2013 Recipe Plugin for Food Bloggers (formerly Delicious Recipes)", "vendor": "wpdelicious", "versions": [ { "lessThan": "1.3.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "TreePress \u2013 Easy Family Trees \u0026 Ancestor Profiles", "vendor": "blackandwhitedigital", "versions": [ { "lessThan": "2.0.21", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Postcode Redirect", "vendor": "paulio21", "versions": [ { "lessThanOrEqual": "4.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Product Author for WooCommerce", "vendor": "nitin247", "versions": [ { "lessThan": "1.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Coupons and Deals \u2013 WordPress Coupon Plugin", "vendor": "imtiazrayhan", "versions": [ { "lessThan": "3.1.12", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Feedpress Generator \u2013 External RSS Frontend Customizer", "vendor": "spartac", "versions": [ { "lessThan": "1.2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Form Vibes \u2013 Database Manager for Forms", "vendor": "wpvibes", "versions": [ { "lessThan": "1.4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP AutoMedic", "vendor": "majick/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Banner Management For WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "2.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Duplicate Variations for Woocommerce", "vendor": "smgteam", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Send Prebuilt Emails", "vendor": "thinleek", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "FAQ / Accordion / Docs \u2013 Helpie WordPress FAQ Accordion plugin", "vendor": "essekia", "versions": [ { "lessThan": "1.7.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Livemesh SiteOrigin Widgets", "vendor": "livemesh", "versions": [ { "lessThan": "2.8.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Livemesh Addons for Beaver Builder", "vendor": "livemesh", "versions": [ { "lessThan": "2.8.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Tabs with Recommended Posts (Widget)", "vendor": "9brada6", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Spanish Market Enhancements for WooCommerce", "vendor": "closemarketing", "versions": [ { "lessThan": "2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "RevivePress \u2013 Keep your Old Content Evergreen", "vendor": "infosatech", "versions": [ { "lessThan": "1.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP fail2ban \u2013 Advanced Security Plugin", "vendor": "invisnet", "versions": [ { "lessThan": "4.4.0.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ultra Elementor Addons", "vendor": "ultradevs", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "RecurWP \u2013 WordPress Recurly Payment Gateway", "vendor": "wpcohort/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Smart Floating / Sticky Buttons \u2013 Call, Sharing, Chat Widgets \u0026 More \u2013 Buttonizer", "vendor": "buttonizer", "versions": [ { "lessThan": "2.6.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Quick Event Manager", "vendor": "alanfuller", "versions": [ { "lessThan": "9.2.17", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Image Photo Gallery Final Tiles Grid", "vendor": "wpchill", "versions": [ { "lessThan": "3.5.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Lightbox \u0026 Modal Popup WordPress Plugin \u2013 FooBox", "vendor": "bradvin", "versions": [ { "lessThan": "2.7.17", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Dev Powers \u2013 Display Screen Dimensions to Admin Plugin", "vendor": "wpdevpowers", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Ultimate Bulk SEO Noindex Nofollow \u2013 Speed up Penalty Recovery Ultimate SEO Booster", "vendor": "johnc1979", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Data Access \u2013 WordPress App, Table and Form Builder plugin", "vendor": "peterschulznl", "versions": [ { "lessThan": "5.1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "StoreCustomizer \u2013 A plugin to Customize all WooCommerce Pages", "vendor": "kaira", "versions": [ { "lessThan": "2.3.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress News Plugin \u2013 TopNewsWp", "vendor": "mhmrajib", "versions": [ { "lessThan": "2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "User Menus \u2013 Nav Menu Visibility", "vendor": "codeatlantic", "versions": [ { "lessThan": "1.2.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Contact Form 7 Multi-Step Forms", "vendor": "webheadllc", "versions": [ { "lessThan": "4.1.91", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Easy Age Verify", "vendor": "5starplugins", "versions": [ { "lessThan": "1.6.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Blocked in China | Check if your site is available in the Chinese mainland", "vendor": "brandonfire", "versions": [ { "lessThan": "1.0.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Disable Payment Methods based on cart conditions", "vendor": "josevega", "versions": [ { "lessThan": "1.13.1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Awesome SSL", "vendor": "ejslondon/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Iks Menu \u2013 WordPress Category Accordion Menu \u0026 FAQs", "vendor": "iksstudio", "versions": [ { "lessThan": "1.9.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Purus", "vendor": "prelc", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Hooked Editable Content", "vendor": "janwyl", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Run Contests, Raffles, and Giveaways with ContestsWP", "vendor": "mdedev", "versions": [ { "lessThan": "1.9.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Post Carousel Divi", "vendor": "themeythemes", "versions": [ { "lessThan": "1.1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "MailChimp Manager", "vendor": "anasbinmukim", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Permalink Manager for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "2.3.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Secure IP Logins", "vendor": "ivacy", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Videopack", "vendor": "kylegilman", "versions": [ { "lessThan": "4.7.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce WooCommerce Customers Manager", "vendor": "premmerce", "versions": [ { "lessThan": "1.1.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "AnyWhere Elementor", "vendor": "wpvibes", "versions": [ { "lessThan": "1.2.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Divi Torque Lite \u2013 Divi Theme and Extra Theme", "vendor": "badhonrocks", "versions": [ { "lessThan": "3.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Events Calendar Registration", "vendor": "elbisnero", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Rocket Maintenance Mode \u0026 Coming Soon Page", "vendor": "wpexpertsio", "versions": [ { "lessThan": "4.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress WooCommerce Sync for Google Sheet", "vendor": "h3technologies", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Easy Smooth Scroll Links \u2013 Smooth Scrolling Anchor", "vendor": "pootlepress/", "versions": [ { "lessThan": "2.23.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Page Builder Gutenberg Blocks \u2013 Kioken Blocks", "vendor": "sj_o", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Cryptocurrency Portfolio Tracker", "vendor": "matstars", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Go Fetch Jobs (for WP Job Manager)", "vendor": "sebet", "versions": [ { "lessThanOrEqual": "1.7.3.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Quick Affiliate Store", "vendor": "sangaran", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP Tools Divi Blog Carousel", "vendor": "wpt00ls", "versions": [ { "lessThan": "1.3.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Post to Google My Business (Google Business Profile)", "vendor": "tycoon12344", "versions": [ { "lessThan": "3.0.10", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "NicheBase", "vendor": "nicheaddons", "versions": [ { "lessThan": "1.2.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WPVisitorInfo \u2013 Show Visitor Information \u0026 Conditional Data Based On That Information", "vendor": "webmuehle", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce", "vendor": "premmerce", "versions": [ { "lessThan": "1.3.16", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CartPops \u2013 High Converting Add To Cart Popup For WooCommerce", "vendor": "woopops", "versions": [ { "lessThan": "1.4.17", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Scrollsequence \u2013 Cinematic Scroll Image Animation Plugin", "vendor": "scrollsequence", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Elation", "vendor": "kaira", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Cuisine Palace", "vendor": "thecodechime", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Product Attachment for WooCommerce", "vendor": "dots", "versions": [ { "lessThan": "2.1.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Master Blocks \u2013 Gutenberg Site Builder", "vendor": "masterblocks", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Product Options and Price Calculation Formulas for WooCommerce \u2013 Uni CPO", "vendor": "moomooagency", "versions": [ { "lessThan": "4.9.14", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Coupon Plugin for Bloggers and Marketers \u2013 WP Offers", "vendor": "kitthemes", "versions": [ { "lessThan": "1.1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress form builder plugin for contact forms, surveys and quizzes \u2013 Tripetto", "vendor": "tripetto", "versions": [ { "lessThan": "5.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Widgets on Pages and Posts", "vendor": "mumarym1985", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Better Messages \u2013 WCFM Integration", "vendor": "wordplus", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "SheetPress \u2013 Manage WordPress Meta data with Google Sheets", "vendor": "wpgeniuz", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Advanced Custom Fields options import/export", "vendor": "olezhyk5", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Quick Paypal Payments", "vendor": "fullworks", "versions": [ { "lessThan": "5.7.22", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Tarot Card Oracle", "vendor": "chillichalli", "versions": [ { "lessThan": "1.0.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Better Sharing", "vendor": "cloudsponge", "versions": [ { "lessThanOrEqual": "1.7.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Restrict User Access \u2013 Ultimate Membership \u0026 Content Protection", "vendor": "intoxstudio", "versions": [ { "lessThan": "2.2.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WUPO Group Attributes for WooCommerce", "vendor": "wupo", "versions": [ { "lessThanOrEqual": "2.0.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Nugget by Ingot: Easy, automated and native A/B testing for everyone", "vendor": "shelob9", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "FeedbackScout: The easiest way to collect, prioritise, manage and track customer feedback.", "vendor": "fsruslan", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Arendelle", "vendor": "deothemes", "versions": [ { "lessThan": "1.1.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Easy Zillow Reviews", "vendor": "boltonstudios", "versions": [ { "lessThan": "1.4.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Battle Suit for Divi", "vendor": "janthielemann", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Store Toolkit \u2013 WooCommerce Extensions, Quick Enhancements \u0026 Handy Tools", "vendor": "jkohlbach", "versions": [ { "lessThan": "2.3.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WCC SEO Keyword Research", "vendor": "weconnectcode", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Elements for LifterLMS", "vendor": "zeetheme", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Custom Registration and Custom Login Forms with New Recaptcha", "vendor": "commercepundit", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Quote for WooCommerce Lite \u2013 Add to Quote Plugin Lets Customers Request Custom Quotes for Products using the Request a Quote Plugin for WooCommerce", "vendor": "wpexpertsio", "versions": [ { "lessThan": "1.4.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Wadi Survey", "vendor": "mohammedrezq", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Performance Kit", "vendor": "atakanoz", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Page Builder for Gutenberg \u2013 StarterBlocks", "vendor": "dovyp", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Impexium Single Sign On", "vendor": "gkher/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "XT Quick View for WooCommerce", "vendor": "xplodedthemes", "versions": [ { "lessThan": "1.9.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Live Drag and Drop Builder for Contact Form 7", "vendor": "josevega", "versions": [ { "lessThan": "1.2.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Primary Addon for Elementor", "vendor": "nicheaddons", "versions": [ { "lessThan": "1.5.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "JDs Portfolio", "vendor": "jaydeep-nimavat", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "TwentyFourth WP Scraper", "vendor": "mbrown24", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Blocksy Companion", "vendor": "creativethemeshq", "versions": [ { "lessThan": "1.8.20", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Google Translate", "vendor": "kartikparmar/", "versions": [ { "lessThan": "1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Hasium", "vendor": "darell", "versions": [ { "lessThan": "1.6.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Station Pro", "vendor": "marviorocha", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Event Tickets and Registration", "vendor": "theeventscalendar", "versions": [ { "lessThan": "5.3.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Gateway for PayLate on WooCommerce", "vendor": "kaggdesign", "versions": [ { "lessThanOrEqual": "1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Auto SEO META keywords (META tags keywords) optimization + WooCommerce", "vendor": "pagup", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "ClimateClick: Climate Action for all", "vendor": "co2ok", "versions": [ { "lessThanOrEqual": "1.0.9.21", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce SEO for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "2.1.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Wholesale for WooCommerce \u2014 This Wholesale Plugin Helps B2B and B2C Businesses Streamline Wholesale Products, Pricing, and User Roles, Automating their WooCommerce Wholesale Stores", "vendor": "wpexpertsio", "versions": [ { "lessThan": "1.6.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Frontend group restriction for LearnDash", "vendor": "ldninjas/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Really Simple Featured Video \u2013 Featured video support for Posts, Pages \u0026 WooCommerce Products", "vendor": "jetixwp", "versions": [ { "lessThanOrEqual": "0.5.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Display Eventbrite Events", "vendor": "fullworks", "versions": [ { "lessThan": "4.4.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "XT Floating Cart for WooCommerce", "vendor": "xplodedthemes", "versions": [ { "lessThan": "2.6.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Cookie Consent for WP \u2013 Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA \u0026 ePrivacy)", "vendor": "wpeka-club", "versions": [ { "lessThan": "2.1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP SPID Italia", "vendor": "milmor", "versions": [ { "lessThan": "2.3.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Tiered Pricing Table for WooCommerce", "vendor": "bycrik", "versions": [ { "lessThan": "2.6.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Migrate WordPress Website \u0026 Backups \u2013 Prime Mover", "vendor": "codexonics", "versions": [ { "lessThan": "1.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Replyable \u2013 Subscribe to Comments and Reply by Email", "vendor": "vernal", "versions": [ { "lessThan": "2.2.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Court Reservation \u2013 Manage Your Court Bookings Online", "vendor": "webmuehle", "versions": [ { "lessThan": "1.7.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "VO Store Locator \u2013 WP Store Locator Plugin", "vendor": "jurski", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Get Directions Map", "vendor": "fullworks", "versions": [ { "lessThan": "2.15.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Redirect Manager", "vendor": "premmerce", "versions": [ { "lessThan": "1.0.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "SnazzyAdmin WP Admin Theme", "vendor": "snazzythemes", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Amela", "vendor": "deothemes", "versions": [ { "lessThan": "1.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Woocommerce Customers Order History", "vendor": "javmah", "versions": [ { "lessThan": "5.2.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "EthPress \u2013 Web3 Login", "vendor": "lynn999", "versions": [ { "lessThan": "1.5.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Ant Admin Notices for Team", "vendor": "dangub86", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Bulk Edit Coupons \u2013 WP Sheet Editor", "vendor": "josevega", "versions": [ { "lessThan": "1.3.28", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Pay For Post with WooCommerce", "vendor": "mattpramschufer", "versions": [ { "lessThan": "3.0.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "bbResolutions", "vendor": "alex-ye", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Google Analytics Integration By Advanced WC Analytics", "vendor": "passionatebrains", "versions": [ { "lessThan": "3.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "TK SmugMug Slideshow Shortcode", "vendor": "cliffpaulick", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Lightbox \u2013 EverlightBox Gallery", "vendor": "wpchill", "versions": [ { "lessThan": "1.1.18", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Unakit", "vendor": "cebbi", "versions": [ { "lessThan": "1.2.4.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Affiliate Disclosure", "vendor": "mojofywp", "versions": [ { "lessThan": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Media Cloud for Bunny CDN, Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean and more", "vendor": "interfacelab", "versions": [ { "lessThan": "4.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "RaCar Clear Cart for WooCommerce", "vendor": "rafacarvalhido", "versions": [ { "lessThan": "1.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Disable Sitemap", "vendor": "litonice13", "versions": [ { "lessThan": "1.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Internal Link Juicer: SEO Auto Linker for WordPress", "vendor": "davidanderson", "versions": [ { "lessThan": "1.3.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Block Slider \u2013 Responsive Image Slider, Video Slider \u0026 Post Slider", "vendor": "munirkamal", "versions": [ { "lessThan": "2.0.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Pinblocks \u2014 Gutenberg blocks with Pinterest widgets", "vendor": "milukove", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Contact Widgets For Elementor all the contact links you need in one place", "vendor": "ronena100", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Tickera \u2013 WordPress Event Ticketing", "vendor": "tickera", "versions": [ { "lessThan": "3.4.9.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "StreamCast \u2013 Radio Player for WordPress", "vendor": "bplugins", "versions": [ { "lessThan": "2.1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Sticky add to cart for Woo", "vendor": "johnc1979", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "BlockyPage \u2013 Gutenberg Based Page Builder", "vendor": "blockypage", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Pro Broken Links Maintainer", "vendor": "maciejbak85", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "WP School Calendar", "vendor": "wpschoolcalendar", "versions": [ { "lessThan": "3.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "ListPlus \u2013 Unlimited Listing Directory", "vendor": "listplus", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Walker Core", "vendor": "walkerwp", "versions": [ { "lessThan": "1.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Agy \u2013 Age verification for WooCommerce", "vendor": "patrickposner", "versions": [ { "lessThan": "4.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Modern Designs for Gravity Forms", "vendor": "ggedde", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "RankBear", "vendor": "rankbear", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "STAX Header Builder", "vendor": "staxwp", "versions": [ { "lessThan": "1.3.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Fast Checkout for WooCommerce", "vendor": "fastaf/", "versions": [ { "lessThan": "1.1.17", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce PayPlug", "vendor": "boriscolombier/", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Easy Code Snippets", "vendor": "alphabposervice", "versions": [ { "lessThan": "1.0.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "W3SCloud Contact Form 7 to Zoho CRM", "vendor": "w3scloud", "versions": [ { "lessThan": "2.1.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Widget Detector for Elementor", "vendor": "elementinvader", "versions": [ { "lessThan": "1.2.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Add Tiktok Pixel for Tiktok ads (+Woocommerce)", "vendor": "pagup", "versions": [ { "lessThan": "1.2.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Encryption \u2013 One Click Free SSL Certificate \u0026 SSL / HTTPS Redirect to Force HTTPS, Security+", "vendor": "gowebsmarty", "versions": [ { "lessThan": "5.7.10", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Better Messages \u2013 Integration for WC Vendors Marketplace", "vendor": "wordplus", "versions": [ { "lessThan": "1.0.7", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Alley Business Toolkit", "vendor": "alleythemes", "versions": [ { "lessThan": "1.1.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Product Filter for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "3.6.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Search Filter", "vendor": "pippozanardo", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Easy Post Views Count", "vendor": "alphabposervice", "versions": [ { "lessThan": "1.0.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Power Ups for Elementor", "vendor": "dotrex", "versions": [ { "lessThan": "1.2.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Social Kit", "vendor": "dvizhenia", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Post Slider and Post Carousel with Post Vertical Scrolling Widget \u2013 A Responsive Post Slider", "vendor": "pluginandplay", "versions": [ { "lessThan": "2.1.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "HM Multiple Roles", "vendor": "mhmrajib", "versions": [ { "lessThan": "1.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Team Collaboration Plugin for WordPress Editorial teams- Multicollab", "vendor": "multicollab", "versions": [ { "lessThan": "2.0.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Alt Manager", "vendor": "arabianmido", "versions": [ { "lessThan": "1.5.0", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Premmerce Product Search for WooCommerce", "vendor": "premmerce", "versions": [ { "lessThan": "2.2.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Security Safe", "vendor": "sovstack", "versions": [ { "lessThan": "2.4.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WooCommerce Bulk Edit Products \u2013 WP Sheet Editor", "vendor": "josevega", "versions": [ { "lessThan": "1.7.13", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Da Reactions", "vendor": "danielealessandra", "versions": [ { "lessThan": "3.20.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Food Store \u2013 Online Food Delivery \u0026 Pickup", "vendor": "wpscripts", "versions": [ { "lessThan": "1.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Abeta Link PunchOut", "vendor": "thijzie", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "jav\u0026#039;s \u2013 WooCommerce and Trello integration WooTrello", "vendor": "javmah", "versions": [ { "lessThan": "2.3.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Page Builder Sandwich \u2013 Front End WordPress Page Builder Plugin", "vendor": "pagebuildersandwich", "versions": [ { "lessThan": "4.5.5", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WP Sessions Time Monitoring Full Automatic", "vendor": "switcorp", "versions": [ { "lessThan": "1.0.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WoowGallery \u2013 image gallery / content gallery / ecommerce gallery / social gallery / video gallery / album photo gallery", "vendor": "pasyuk", "versions": [ { "lessThan": "1.1.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WordPress Auto SEO Plugin \u2013 Upfiv SEO Wizard", "vendor": "upfiv", "versions": [ { "status": "affected", "version": "*" } ] }, { "defaultStatus": "unaffected", "product": "Greenshift \u2013 animation and page builder blocks", "vendor": "wpsoul", "versions": [ { "lessThan": "1.1.6", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Restaurant \u0026 Cafe Addon for Elementor", "vendor": "nicheaddons", "versions": [ { "lessThan": "1.4.6", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-16T06:43:30.014Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=cve" }, { "url": "https://wpscan.com/vulnerability/6dae6dca-7474-4008-9fe5-4c62b9f12d0a" }, { "url": "https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure/" }, { "url": "https://wpdirectory.net/search/01FWPVWA7BC5DYGZHNSZQ9QMN5" }, { "url": "https://wpdirectory.net/search/01G02RSGMFS1TPT63FS16RWEYR" }, { "url": "https://web.archive.org/web/20220225174410/https%3A//www.pluginvulnerabilities.com/2022/02/25/our-security-review-of-wordpress-plugin-found-freemius-library-still-contained-vulnerabilities-3-years-after-major-security-incident/" } ], "timeline": [ { "lang": "en", "time": "2022-03-04T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Freemius SDK \u003c= 2.4.2 - Missing Authorization Checks" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2022-4974", "datePublished": "2024-10-16T06:43:30.014Z", "dateReserved": "2024-10-15T18:12:02.205Z", "dateUpdated": "2024-10-16T18:06:13.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2091
Vulnerability from cvelistv5
Published
2024-03-28 02:37
Modified
2024-08-01 19:03
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.13.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-2091", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-28T15:52:01.173162Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:30:29.399Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:03:38.929Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18e2e0e5-495f-4f55-b7d8-94193fc2ad12?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/comparison-table/widgets/comparison-table.php#L2076" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3055134%40addon-elements-for-elementor-page-builder\u0026new=3055134%40addon-elements-for-elementor-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.1", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "wesley" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s widgets in all versions up to, and including, 1.13.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-28T02:37:10.749Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18e2e0e5-495f-4f55-b7d8-94193fc2ad12?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/comparison-table/widgets/comparison-table.php#L2076" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3055134%40addon-elements-for-elementor-page-builder\u0026new=3055134%40addon-elements-for-elementor-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2024-03-27T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-2091", "datePublished": "2024-03-28T02:37:10.749Z", "dateReserved": "2024-03-01T15:25:28.049Z", "dateUpdated": "2024-08-01T19:03:38.929Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4723
Vulnerability from cvelistv5
Published
2023-11-15 22:32
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.12.7 via the ajax_eae_post_data function. This can allow unauthenticated attackers to extract sensitive data including post/page ids and titles including those of with pending/draft/future/private status.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.876Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89489218-263f-4157-a5cd-a12bc6a0dfe6?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/classes/helper.php#L20" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.7", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Marco Wotschka" }, { "lang": "en", "type": "finder", "value": "Paolo Tresso" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.12.7 via the ajax_eae_post_data function. This can allow unauthenticated attackers to extract sensitive data including post/page ids and titles including those of with pending/draft/future/private status." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-862 Missing Authorization", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-15T22:32:29.259Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89489218-263f-4157-a5cd-a12bc6a0dfe6?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/classes/helper.php#L20" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "timeline": [ { "lang": "en", "time": "2023-09-01T00:00:00.000+00:00", "value": "Discovered" }, { "lang": "en", "time": "2023-11-15T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-4723", "datePublished": "2023-11-15T22:32:29.259Z", "dateReserved": "2023-09-01T16:03:26.106Z", "dateUpdated": "2024-08-02T07:37:59.876Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4569
Vulnerability from cvelistv5
Published
2024-06-27 04:04
Modified
2024-08-01 20:47
Severity ?
EPSS score ?
Summary
Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-4569", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-27T17:26:41.805487Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-27T17:26:48.123Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:47:40.519Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/63ef7383-d684-473b-aa0f-45027ef245f6?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1060" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3107074/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.5", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ng\u00f4 Thi\u00ean An" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter in versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-27T04:04:32.280Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/63ef7383-d684-473b-aa0f-45027ef245f6?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1060" }, { "url": "https://plugins.trac.wordpress.org/changeset/3107074/" } ], "timeline": [ { "lang": "en", "time": "2024-06-26T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Elementor Addon Elements \u003c= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-4569", "datePublished": "2024-06-27T04:04:32.280Z", "dateReserved": "2024-05-06T19:59:12.783Z", "dateUpdated": "2024-08-01T20:47:40.519Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5381
Vulnerability from cvelistv5
Published
2023-11-15 22:32
Modified
2024-08-02 07:59
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.12.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:59:44.299Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd2bc2e7-960e-40db-9dcc-a6a60117bd83?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L79" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.7", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Paolo Tresso" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.12.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-15T22:32:29.744Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd2bc2e7-960e-40db-9dcc-a6a60117bd83?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L79" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "timeline": [ { "lang": "en", "time": "2023-10-03T00:00:00.000+00:00", "value": "Discovered" }, { "lang": "en", "time": "2023-11-15T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-5381", "datePublished": "2023-11-15T22:32:29.744Z", "dateReserved": "2023-10-04T15:14:30.123Z", "dateUpdated": "2024-08-02T07:59:44.299Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-8902
Vulnerability from cvelistv5
Published
2024-10-12 09:39
Modified
2024-10-15 13:21
Severity ?
EPSS score ?
Summary
Elementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-8902", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T13:21:08.946941Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T13:21:27.257Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.13.8", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ankit Patel" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.8 via the render_column function in modules/data-table/widgets/data-table.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-12T09:39:16.937Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7317ecf5-d43d-4080-ad2a-7644764dd41e?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3163899/addon-elements-for-elementor-page-builder" } ], "timeline": [ { "lang": "en", "time": "2024-09-17T00:00:00.000+00:00", "value": "Vendor Notified" }, { "lang": "en", "time": "2024-10-11T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Elementor Addon Elements \u003c= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sections" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-8902", "datePublished": "2024-10-12T09:39:16.937Z", "dateReserved": "2024-09-16T19:17:20.023Z", "dateUpdated": "2024-10-15T13:21:27.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4690
Vulnerability from cvelistv5
Published
2023-11-15 22:32
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eae_save_config function. This makes it possible for unauthenticated attackers to change configuration settings for the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
webtechstreet | Elementor Addon Elements |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.268Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fd53b4e1-c6b7-4111-911a-04b14c7a9c4e?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L75" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Elementor Addon Elements", "vendor": "webtechstreet", "versions": [ { "lessThanOrEqual": "1.12.7", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Marco Wotschka" }, { "lang": "en", "type": "finder", "value": "Paolo Tresso" } ], "descriptions": [ { "lang": "en", "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eae_save_config function. This makes it possible for unauthenticated attackers to change configuration settings for the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-15T22:32:30.218Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fd53b4e1-c6b7-4111-911a-04b14c7a9c4e?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L75" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file15" } ], "timeline": [ { "lang": "en", "time": "2023-08-31T00:00:00.000+00:00", "value": "Discovered" }, { "lang": "en", "time": "2023-11-15T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-4690", "datePublished": "2023-11-15T22:32:30.218Z", "dateReserved": "2023-08-31T20:33:49.797Z", "dateUpdated": "2024-08-02T07:37:59.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }