| CVE-2024-5554 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-07-18 08:33:03 | Deep Dive |
| CVE-2024-39700 | Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action | jupyterlab | extension-template | Critical | 9.9 | 2024-07-16 17:37:49 | Deep Dive |
| CVE-2024-3925 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via onclick events | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-06-12 07:32:53 | Deep Dive |
| CVE-2024-0653 | Custom Field Template <= 2.6.1 - Authenticated (Admin+) Stored Cross-Site Scritping | hiroaki-miyashita | Custom Field Template | Medium | 4.4 | 2024-06-11 02:01:58 | Deep Dive |
| CVE-2023-6748 | Custom Field Template <= 2.6.1 - Authenticated(Contributor+) Information Exposure | hiroaki-miyashita | Custom Field Template | Medium | 4.3 | 2024-06-11 02:01:57 | Deep Dive |
| CVE-2024-0627 | Custom Field Template <= 2.6.1 - Authenticated(Constibutor+) Stored Cross-Site Scripting via Custom Field Name | hiroaki-miyashita | Custom Field Template | Medium | 6.4 | 2024-06-11 02:01:56 | Deep Dive |
| CVE-2023-6745 | Custom Field Template <= 2.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode | hiroaki-miyashita | Custom Field Template | Medium | 6.4 | 2024-06-11 02:01:52 | Deep Dive |
| CVE-2024-3926 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via custom_attributes | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-05-22 14:32:39 | Deep Dive |
| CVE-2024-3927 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.3 - Form Submission Admin Email Bypass | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.3 | 2024-05-22 06:50:34 | Deep Dive |
| CVE-2024-3831 | Enter Addons – Ultimate Template Builder for Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading widget | themelooks | Enter Addons – Ultimate Template Builder for Elementor | Medium | 6.4 | 2024-05-09 20:03:29 | Deep Dive |
| CVE-2024-3680 | Enter Addons – Ultimate Template Builder for Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animation Title widget img tag | themelooks | Enter Addons – Ultimate Template Builder for Elementor | Medium | 6.4 | 2024-05-09 20:03:22 | Deep Dive |
| CVE-2024-1426 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |
| CVE-2024-1429 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-18 04:32:59 | Deep Dive |
| CVE-2024-2966 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.5.6 - Sensitive Information Exposure via element_pack_ajax_search | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 5.3 | 2024-04-11 07:31:36 | Deep Dive |
| CVE-2024-2334 | Template Kit – Import <= 1.0.14 - Authenticated(Author+) Stored Cross-Site Scripting via template upload | envato | Template Kit – Import | Medium | 6.4 | 2024-04-09 18:58:52 | Deep Dive |
| CVE-2024-0837 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Custom Gallery' Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-06 07:34:56 | Deep Dive |
| CVE-2024-1428 | Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trailer Box Widget | bdthemes | Element Pack – Widgets, Templates & Addons for Elementor | Medium | 6.4 | 2024-04-06 07:34:54 | Deep Dive |
| CVE-2024-25919 | WordPress Custom Field Template plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability | Hiroaki Miyashita | Custom Field Template | Medium | 6.5 | 2024-03-15 13:03:03 | Deep Dive |
| CVE-2024-24785 | Errors returned from JSON marshaling may break template escaping in html/template | Go standard library | html/template | - | - | 2024-03-05 22:22:34 | Deep Dive |
| CVE-2024-22199 | Django Template Engine Vulnerable to XSS | gofiber | template | Critical | 9.3 | 2024-01-11 17:39:46 | Deep Dive |