CVE-2024-53823 WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a...

CVE-2024-53823 WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14...

CVE-2024-53823

CVE-2024-53823 involves a DOM-based cross-site scripting (XSS) vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite (WordPress plugin). The root cause is improper neutralization of input during web page generation, enabling XSS in affected pages. Affected software: The Plus A...

CVE-2024-54210 WordPress Advanced Element Bucket Addons for Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexShaper Advanced Element Bucket Addons for Elementor allows Stored XSS.This issue affects Advanced Element Bucket Addons for Elementor: from n/a through 1.0.2...

CVE-2024-54210

CVE-2024-54210 describes a stored XSS in WordPress plugin Advanced Element Bucket Addons for Elementor (CodexShaper) due to improper input neutralization during web page generation. Affected: versions up to 1.0.2 (inclusive). The connected Red Hat and CVE references corroborate the stored XSS vul...

CVE-2024-54212 WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through = 1.3.6...

CVE-2024-54212

CVE-2024-54212 (WordPress Magical Addons For Elementor) Stored XSS due to improper input neutralization during web page generation. Affected plugin: Magical Addons For Elementor (Header/Footer Builder, Free Elementor Widgets, Elementor Templates Library) up to version 1.2.6 (per CVE description)....

CVE-2024-12110

The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate and deactivate functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2024-10692 PowerPack Elementor Addons (Free Widgets, Extensions and Templates) <= 2.8.1 - Authenticated (Contributor+) Post Disclosure

The PowerPack Elementor Addons Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 via the Content Reveal widget due to insufficient restrictions on which posts can be included. This makes it possible for...

CVE-2024-10692

PowerPack Elementor Addons (PowerPack Lite for Elementor) for WordPress suffers an information-exposure vulnerability in the Content Reveal widget (affecting versions up to 2.8.1). The issue arises from insufficient restrictions on which posts can be included, enabling authenticated attackers wit...

CVE-2024-12110 Gold Addons for Elementor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation

The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate and deactivate functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2024-12110

CVE-2024-12110 affects WordPress plugin Gold Addons for Elementor. All versions up to 1.3.2 are vulnerable due to missing capability checks in activate() and deactivate(), enabling authenticated users with Subscriber+ rights to modify licenses. Public sources in connected documents confirm the is...

CVE-2024-12110 Gold Addons for Elementor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation

The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate and deactivate functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress plugin Themesflat Addons For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Gold Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin PowerPack Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2024-35939 · Elementor · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder Lite versions through 5.6.14 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This means that an attacker could...

WordPress plugin The Plus Addons for Elementor Page Builder Lite 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin The Plus...

WordPress plugin Advanced Element Bucket Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2024-35910 · Unknown · Themesflat Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Themesflat Addons For Elementor versions prior to 2.2.3 is not mentioned, however, the version 2.2.2 is mentioned as affected, so we can say Themesflat Addons For Elementor versions through 2.2.2 Description: The issue is related to an Improp...