Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Cryptocurrency Widgets For Elementor

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2024-53739
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 72.16%
||
7 Day CHG~0.00%
Published-30 Nov, 2024 | 20:55
Updated-01 Apr, 2026 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Cryptocurrency Widgets For Elementor plugin <= 1.6.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor cryptocurrency-widgets-for-elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through <= 1.6.4.

Action-Not Available
Vendor-coolpluginsCool Pluginscoolplugins
Product-cryptocurrency_widgets_for_elementorCryptocurrency Widgets For Elementorcryptocurrency_widgets_for_elementor
CWE ID-CWE-706
Use of Incorrectly-Resolved Name or Reference
CWE ID-CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
CVE-2022-4950
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-5.42% / 90.16%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 01:51
Updated-08 Apr, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cool Plugins (Various Versions) - Arbitrary Plugin Installation and Activation

Several WordPress plugins developed by Cool Plugins are vulnerable to arbitrary plugin installation and activation that can lead to remote code execution by authenticated attackers with minimal permissions, such as a subscriber.

Action-Not Available
Vendor-cryptocurrency_payment_\&_donation_box_pluginscoolpluginsblackworks1coolpluginsnarinder-singh
Product-events_search_for_the_events_calendarevents_widgets_for_elementor_and_the_events_calendarthe_events_calendar_countdown_addonevents_shortcodes_for_the_events_calendarevent_single_page_builder_for_the_event_calendarevents-notification-bar-addoncryptocurrency_widgets_for_elementorcryptocurrency_payment_\&_donation_boxcryptocurrency_widgetscool_timelineCryptocurrency Donation Box – Bitcoin & Crypto DonationsEvent Single Page Builder For The Events CalendarThe Events Calendar Events Notification Bar AddonEvents Shortcodes For The Events CalendarCryptocurrency Widgets – Price Ticker & Coins ListCryptocurrency Widgets For ElementorEvents Widgets For Elementor And The Events CalendarCool Timeline (Horizontal & Vertical Timeline)Events Search For The Events CalendarEvent Countdown for The Events Calendar
CWE ID-CWE-862
Missing Authorization