Skip to main content

Envo S Elementor Templates Widgets For Woocommerce

5 CVEs product

Monthly

CVE-2024-43292 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.4.16. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Envo S Elementor Templates Widgets For Woocommerce
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-35167 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.4.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Envo S Elementor Templates Widgets For Woocommerce Elementor
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-0768 MEDIUM This Month

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.4.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Envo S Elementor Templates Widgets For Woocommerce Elementor
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-0767 MEDIUM This Month

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Envo S Elementor Templates Widgets For Woocommerce Elementor
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-0766 MEDIUM This Month

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Envo S Elementor Templates Widgets For Woocommerce Elementor
NVD
CVSS 3.1
4.3
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.4.16. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Envo S Elementor Templates Widgets For Woocommerce
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.4.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Envo S Elementor Templates Widgets For Woocommerce +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.4.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Envo S Elementor Templates Widgets For Woocommerce +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Envo S Elementor Templates Widgets For Woocommerce +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Envo S Elementor Templates Widgets For Woocommerce +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy