WordPress Essential Addons for Elementor plugin <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles' vulnerability

🗓️ 10 May 2024 02:08:01Reported by Ngô Thiên An (ancorn_)Type

Authenticated stored XSS in Essential Addons for Elementor up to 5.9.19 via Interactive Circles.

Reporter	Title	Published	Views	Family All 12
CNNVD	WordPress plugin Essential Addons for Elementor 安全漏洞	14 May 202400:00	–	cnnvd
CVE	CVE-2024-4275	10 May 202407:33	–	cve
Cvelist	CVE-2024-4275 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles'	10 May 202407:33	–	cvelist
EUVD	EUVD-2024-32825	3 Oct 202520:07	–	euvd
NVD	CVE-2024-4275	14 May 202415:43	–	nvd
OpenVAS	WordPress Essential Addons for Elementor Plugin < 5.9.20 Multiple XSS Vulnerabilities	2 Aug 202400:00	–	openvas
Patchstack	WordPress Essential Addons for Elementor Plugin <= 5.9.19 is vulnerable to Cross Site Scripting (XSS)	10 May 202400:00	–	patchstack
Positive Technologies	PT-2024-30126 · WordPress · Essential Addons For Elementor	10 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-4275	23 May 202508:40	–	redhatcve
Vulnrichment	CVE-2024-4275 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles'	10 May 202407:33	–	vulnrichment

Vulners

Node

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/essential-addons-for-elementor-lite/essential-addons-for-elementor-best-elementor-templates-widgets-kits-woocommerce-builders-5919-authenticated-contributor-stored-cross-site-scripti

10 May 2024 02:08Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.4 - 6.4

EPSS0.00196

SSVC