Lucene search
China National Vulnerability DatabaseCNVD-2022-68545HistoryJan 05, 2022 - 12:00 a.m.
WordPress plugin PowerPack Addons for Elementor cross-site scripting vulnerability
2022-01-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
powerpack addons
elementor
cross-site scripting
vulnerability
php
mysql
admin dashboard
cookie-based authentication
cnvd
EPSS
0.001
Percentile
33.4%
WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.A cross-site scripting vulnerability exists in the WordPress plugin PowerPack Addons for Elementor, which stems from the program not escaping tab parameters before exporting them back to the properties of the admin dashboard. An attacker could exploit the vulnerability to steal cookie-based authentication credentials.
Related
prion
prion
Cross site scripting
2022-01-03 13:15:00
nvd
nvd
CVE-2021-25027
2022-01-03 13:15:09
wpexploit
wpexploit
PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting
2021-12-06 00:00:00
patchstack
patchstack
cve
cve
CVE-2021-25027
2022-01-03 13:15:09
wpvulndb
wpvulndb
PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting
2021-12-06 00:00:00
cvelist
cvelist