WordPress Royal Elementor Addons and Templates plugin <= 1.7.1001 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by zer0gh0st in WordPress Plugin Royal Elementor Addons versions = 1.7.1001...

CVE-2024-56227

Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through = 1.7.1001...

CVE-2024-9059

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through = 1.7.1001...

CVE-2024-56227

Missing Authorization vulnerability in WP Royal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

WordPress plugin Royal Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Royal Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

WordPress Royal Elementor Addons plugin <= 1.7.1001 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Royal Elementor Addons versions = 1.7.1001...

WordPress Royal Elementor Addons plugin <= 1.7.1001 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Royal Elementor Addons versions = 1.7.1001...

WordPress Royal Elementor Addons and Templates plugin <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Form Builder Widget vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Form Builder Widget vulnerability discovered by zer0gh0st in WordPress Plugin Royal Elementor Addons versions = 1.7.1001...

WordPress Royal Elementor Addons Plugin <= 1.7.1001 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.7.1001 Fixed in 1.7.1002 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9682 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID ab419098cc35 Credits zer0gh0st Required...

CVE-2024-9682

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Form Builder widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-9059

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget in all versions up to, and including, 1.7.1001 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin Royal Elementor Addons and Templates 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress plugin Royal Elementor Addons and Templates 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...