CVE-2026-15299: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in wealcoder Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates
The Animation Addons for Elementor WordPress plugin contains a stored cross-site scripting (XSS) vulnerability in the Weather widget. This affects all versions up to and including 2.6.3. The…
Read the full articleYou might also wanna read

WAF - WAF Release - 2025-08-04
This week's highlight focuses on a series of significant vulnerabilities identified across widely adopted web platforms, from enterprise-gra

WAF - WAF Release - 2026-04-07
This week's release introduces new detections for a critical Remote Code Execution (RCE) vulnerability in MCP Server (CVE-2026-23744), along

WAF - WAF Release - 2025-07-14
This week’s vulnerability analysis highlights emerging web application threats that exploit modern JavaScript behavior and SQL parsing ambig

CVE-2025-14773: Cross-Site Scripting Vulnerability in ABB T-MAC Plus (Version 4.0-24)
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-M

Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
On January 11th, 2024, a significant security vulnerability was disclosed in Jinja2, a widely used Python templating library. Identified as

WAF - WAF Release - 2025-09-08
This week's update This week’s focus highlights newly disclosed vulnerabilities in web frameworks, enterprise applications, and widely deplo

Comments
Sign in to join the conversation.
No comments yet. Be the first.