Lucene search
CVE-2024-5666
The Elementor WordPress plugin is vulnerable to Stored Cross-Site Scripting via the 'url' parameter, allowing authenticated attackers to inject arbitrary web scripts
Show more
| Reporter | Title | Published | Views | Family All 5 |
|---|---|---|---|---|
 | CVE-2024-5666 | 29 Jun 202407:15 | – | nvd |
 | CVE-2024-5666 Extensions for Elementor <= 2.0.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter | 29 Jun 202407:05 | – | cvelist |
 | WordPress Extensions for Elementor Plugin <= 2.0.30 is vulnerable to Cross Site Scripting (XSS) | 1 Jul 202400:00 | – | patchstack |
 | CVE-2024-5666 Extensions for Elementor <= 2.0.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter | 29 Jun 202407:05 | – | vulnrichment |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (June 24, 2024 to June 30, 2024) | 3 Jul 202415:31 | – | wordfence |
Node
[
{
"vendor": "petesheppard84",
"product": "Extensions for Elementor",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "2.0.30",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo29 Jun 2024 07:15Current
5.5Medium risk
Vulners AI Score5.5
CVSS35.4 - 6.4
EPSS0.00026
SSVC