Lucene search
CVE-2024-4107
Elementor Website Builder plugin for WordPress, up to version 3.21.0, allows stored Cross-Site Scripting, enabling attackers to inject web scripts
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
 | CVE-2024-4107 | 14 May 202415:42 | – | nvd |
 | WordPress Elementor Pro Plugin <= 3.21.0 is vulnerable to Cross Site Scripting (XSS) | 3 May 202400:00 | – | patchstack |
 | Elementor Website Builder Pro < 3.21.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | 2 May 202400:00 | – | wpvulndb |
 | CVE-2024-4107 Elementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | 9 May 202420:03 | – | cvelist |
 | CVE-2024-4107 Elementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | 9 May 202420:03 | – | vulnrichment |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024) | 9 May 202416:49 | – | wordfence |
Node
[
{
"vendor": "https://elementor.com/",
"product": "Elementor Website Builder Pro",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "3.21.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo14 May 2024 15:42Current
5.7Medium risk
Vulners AI Score5.7
CVSS35.4 - 6.4
EPSS0.00061
SSVC