Lucene search

CVE-2024-5041

🗓️ 31 May 2024 10:10:15Reported by [email protected]Type

The Happy Addons for Elementor WordPress plugin is vulnerable to Stored Cross-Site Scripting via 'ha-ia-content-button' parameter due to insufficient sanitization and output escaping

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2024-5041 Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion	31 May 202409:31	–	cvelist
CVE	CVE-2024-5041	31 May 202410:15	–	cve
CNVD	WordPress Happy Addons for Elementor plugin cross-site scripting vulnerability (CNVD-2024-26468)	5 Jun 202400:00	–	cnvd
Vulnrichment	CVE-2024-5041 Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion	31 May 202409:31	–	vulnrichment
WPVulnDB	Happy Addons for Elementor < 3.11.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion	30 May 202400:00	–	wpvulndb
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 27, 2024 to June 2, 2024)	6 Jun 202415:09	–	wordfence

Nvd

Node

leevio happy_addons_for_elementorRange≤3.10.9freewordpress

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/3095128/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/fb037c9f-5d20-46f6-b1ff-34b9d192bad2
plugins	www.plugins.trac.wordpress.org/browser/happy-elementor-addons/trunk/widgets/image-accordion/widget.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 May 2024 10:15Current

5.9Medium risk

Vulners AI Score5.9

CVSS35.4

EPSS0.00153

CWE-79