Lucene search

CVE-2024-4485

🗓️ 24 May 2024 07:10:15Reported by [email protected]Type

The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to 5.5.

Reporter	Title	Published	Views	Family All 5
WPVulnDB	The Plus Addons for Elementor < 5.5.3 - Contributor+ Stored XSS	24 May 202400:00	–	wpvulndb
Cvelist	CVE-2024-4485 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting	24 May 202406:42	–	cvelist
CVE	CVE-2024-4485	24 May 202407:15	–	cve
Vulnrichment	CVE-2024-4485 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting	24 May 202406:42	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)	30 May 202415:23	–	wordfence

Nvd

Node

posimyth the_plus_addons_for_elementorRange<5.5.3freewordpress

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/the-plus-addons-for-elementor-page-builder/tags/5.5.2/modules/widgets/tp_button.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/4890cd48-a448-4af1-ae1e-6456300434e5
plugins	www.plugins.trac.wordpress.org/changeset/3083932

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2024 07:15Current

5.9Medium risk

Vulners AI Score5.9

CVSS35.4

EPSS0.00053

CWE-79