PT-2024-39750 · WordPress · The Royal Elementor Addons/Templates

Name of the Vulnerable Software and Affected Versions: Royal Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.7.1001 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Countdown widget due to insufficient input sanitization and...

WordPress Drozd – Addons for Elementor Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Drozd – Addons for Elementor Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52425 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0557358ff3fc Credits Gab Required privilege...

CVE-2024-10538

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the beforelabel parameter in the Image Comparison widget in all versions up to, and including, 3.12.5 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress Happy Addons for Elementor plugin <= 3.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Image Comparison vulnerability discovered by zer0gh0st in WordPress Plugin Happy Addons for Elementor versions = 3.12.5...

WordPress Happy Addons for Elementor Plugin <= 3.12.5 is vulnerable to Cross Site Scripting (XSS)

Software Happy Addons for Elementor Type Plugin Vulnerable versions = 3.12.5 Fixed in 3.12.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10538 Patch priority Low CVSS severity Low 6.5 Developer Leevio PSID ab1a8b8b368b Credits zer0gh0st Required...

WordPress plugin Happy Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Master Addons plugin <= 2.0.9.9.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael in WordPress Plugin Master Addons for Elementor versions = 2.0.9.9.4...

CVE-2024-52358

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4...

CVE-2024-52356

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0...

CVE-2024-52356

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through = 2.1.0...

CVE-2024-52356 WordPress The Pack Elementor addons plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through = 2.1.0...

CVE-2024-52358 WordPress Responsive Addons for Elementor plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons-for-elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through = 1.5.4...

CVE-2024-52358

CVE-2024-52358 : In the WordPress plugin Responsive Addons for Elementor (Free Elementor Addons Plugin and Elementor Templates), an authenticated user can trigger a DOM-based Cross-Site Scripting (XSS) vulnerability through improper input handling during web page generation. Affected: Responsive ...

WordPress plugin Responsive Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress plugin The Pack Elementor addons 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

PT-2024-16354 · WordPress · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.12.5 Description: The issue is related to Stored Cross-Site Scripting via the before label parameter in the Image Comparison widget due to insufficient input...

CVE-2024-51580

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zootemplate Clever Addons for Elementor cafe-lite allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through = 2.2.1...

CVE-2024-51580

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through 2.2.1...

CVE-2024-51580 WordPress Clever Addons for Elementor plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zootemplate Clever Addons for Elementor cafe-lite allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through = 2.2.1...

CVE-2024-51580

CVE-2024-51580 affects WordPress plugin Clever Addons for Elementor (versions up to and including 2.2.1). The issue is an Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Impact is described as XSS with potential leakage of inform...