Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 165 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4659 Unlimited Elements For Elementor <= 2.0.6 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal in Repeater JSON/CSV URL with Path Traversal unitecmsUnlimited Elements For Elementor High 7.5 2026-04-17 06:44:50 Deep Dive
CVE-2026-39708 WordPress UiCore Elements plugin <= 1.3.14 - Cross Site Scripting (XSS) vulnerability uicoreUiCore Elements--2026-04-08 08:30:48 Deep Dive
CVE-2026-23979 WordPress Gyan Elements plugin <= 2.2.1 - Reflected Cross Site Scripting (XSS) vulnerability SoftwebmediaGyan Elements High 7.1 2026-03-25 16:14:31 Deep Dive
CVE-2026-2724 Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields unitecmsUnlimited Elements For Elementor High 7.2 2026-03-10 09:58:58 Deep Dive
CVE-2026-28131 WordPress Elementor Addon Elements plugin <= 1.14.4 - Sensitive Data Exposure vulnerability WPVibesElementor Addon Elements--2026-02-26 08:33:36 Deep Dive
CVE-2025-14274 Unlimited Elements for Elementor <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Border Hero Widget unitecmsUnlimited Elements For Elementor Medium 5.4 2026-02-03 05:30:14 Deep Dive
CVE-2026-23978 WordPress Gyan Elements plugin <= 2.2.1 - Local File Inclusion vulnerability SoftwebmediaGyan Elements High 7.5 2026-01-22 16:52:43 Deep Dive
CVE-2025-63026 WordPress Grand Restaurant Theme Elements for Elementor plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability ThemeGoodsGrand Restaurant Theme Elements for Elementor Medium 6.5 2026-01-22 16:51:49 Deep Dive
CVE-2025-69360 WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability CodexThemesTheGem Theme Elements (for WPBakery) 中危 -2026-01-06 16:36:42 Deep Dive
CVE-2025-69357 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability CodexThemesTheGem Theme Elements (for Elementor) 中危 -2026-01-06 16:36:42 Deep Dive
CVE-2025-69356 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Local File Inclusion vulnerability CodexThemesTheGem Theme Elements (for Elementor) 中危 -2026-01-06 16:36:41 Deep Dive
CVE-2025-14428 My Sticky Elements <= 2.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Bulk Lead Deletion premioAll-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements Medium 4.3 2026-01-01 16:19:31 Deep Dive
CVE-2025-68995 WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability PremioMy Sticky Elements Medium 4.3 2025-12-30 10:47:51 Deep Dive
CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability voidcodersWPBakery Visual Composer WHMCS Elements Medium 5.9 2025-12-24 13:10:38 Deep Dive
CVE-2025-68559 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Cross Site Scripting (XSS) vulnerability CodexThemesTheGem Theme Elements (for Elementor) Medium 6.5 2025-12-23 11:37:35 Deep Dive
CVE-2025-68560 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Local File Inclusion vulnerability CodexThemesTheGem Theme Elements (for Elementor) High 7.5 2025-12-23 11:36:26 Deep Dive
CVE-2025-62094 WordPress Void Elementor WHMCS Elements For Elementor Page Builder plugin <= 2.0.1.2 - Cross Site Scripting (XSS) vulnerability voidthemesVoid Elementor WHMCS Elements For Elementor Page Builder Medium 6.5 2025-12-22 09:47:18 Deep Dive
CVE-2025-12537 Addon Elements for Elementor <= 1.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting wpvibesAddon Elements for Elementor (formerly Elementor Addon Elements) Medium 6.4 2025-12-14 05:21:19 Deep Dive
CVE-2025-8199 MarqueeAddons <= 2.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial Marquee Widget debuggersstudioMarquee Addons for Elementor – Essential Motion Widgets & Templates Medium 6.4 2025-12-13 08:21:15 Deep Dive
CVE-2024-58290 Xhibiter NFT Marketplace 1.10.2 SQL Injection via Collections Endpoint ElementsXhibiter NFT Marketplace--2025-12-11 21:34:52 Deep Dive