Vulnerabilities > Wpmet
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-15 | CVE-2024-7064 | Cross-site Scripting vulnerability in Wpmet Elementskit The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-06-15 | CVE-2024-5263 | Cross-site Scripting vulnerability in Wpmet Elementskit The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Motion Text and Table widgets in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-06-14 | CVE-2024-4404 | Server-Side Request Forgery (SSRF) vulnerability in Wpmet Elementskit The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. | 9.6 |
| 2024-06-11 | CVE-2024-4266 | Unspecified vulnerability in Wpmet Metform Elementor Contact Form Builder The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.8.8 via the 'handle_file' function. | 7.5 |
| 2024-05-21 | CVE-2024-4452 | Cross-site Scripting vulnerability in Wpmet Elementskit The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-17 | CVE-2024-21746 | Unspecified vulnerability in Wpmet WP Ultimate Review Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.3.2. | 7.5 |
| 2024-05-17 | CVE-2024-32685 | Unspecified vulnerability in Wpmet WP Ultimate Review Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | 5.3 |
| 2024-05-06 | CVE-2024-33570 | Unspecified vulnerability in Wpmet Metform Elementor Contact Form Builder Missing Authorization vulnerability in Wpmet Metform Elementor Contact Form Builder.This issue affects Metform Elementor Contact Form Builder: from n/a through 3.8.3. | 8.8 |
| 2024-05-02 | CVE-2024-3650 | Cross-site Scripting vulnerability in Wpmet Elements KIT Elementor Addons The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions 3.0.7 through 3.1.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-04-22 | CVE-2024-32684 | Unspecified vulnerability in Wpmet WP Ultimate Review Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | 7.5 |