WordPress plugin Definitive Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Super Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin SKT Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-34913 · Unknown · Elementsready Addons For Elementor

Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions n/a through 6.4.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

PT-2024-34819 · Unknown · Sastra Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Sastra Essential Addons for Elementor versions 1.0.0 through 1.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. Specifically, it is a DOM-Based XSS...

WordPress plugin Sastra Essential Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-16211 · WordPress · Magical Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Magical Addons For Elementor plugin for WordPress versions up to, and including, 1.2.4 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private, pending, and draft template dat...

WordPress SKT Addons for Elementor plugin <= 3.3 - Authenticated (Contributor+) Post Disclosure vulnerability

Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin SKT Addons for Elementor versions = 3.3...

WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Authenticated (Contributor+) Post Disclosure vulnerability

Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Cowidgets – Elementor Addons versions = 1.2.0...

WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Cowidgets – Elementor Addons versions = 1.2.0...

WordPress Responsive Addons for Elementor plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Yusuf Patchstack Alliance in WordPress Plugin Responsive Addons for Elementor versions = 1.5.4...

WordPress Anant Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Anant Addons for Elementor versions = 1.0.5...

WordPress Pro Addons For Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Pro Addons For Elementor versions = 1.5.0...

WordPress SKT Addons for Elementor Plugin <= 3.3 is vulnerable to Sensitive Data Exposure

Software SKT Addons for Elementor Type Plugin Vulnerable versions = 3.3 Fixed in 3.4 OWASP Top 10 A3: Injection Classification Sensitive Data Exposure CVE CVE-2024-10693 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3577352f604c Credits Francesco Carlucci Required...

WordPress Anant Addons for Elementor Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Anant Addons for Elementor Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51813 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a1918ff11f57 Credits Gab Required privilege...

WordPress The Pack Elementor addons Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)

Software The Pack Elementor addons Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52356 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3e3bdbff1a41 Credits João Pedro S Alcântara Kinor...

WordPress Cowidgets – Elementor Addons Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Cowidgets – Elementor Addons Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8960 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ef9c57e0f569 Credits Francesco...

PT-2024-16469 · Unknown +1 · Skt Addons For Elementor +1

Name of the Vulnerable Software and Affected Versions: SKT Addons for Elementor versions up to, and including, 3.3 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or draft posts created by Elementor that they should not ha...

WordPress Prime Slider - Addons For Elementor plugin <= 3.15.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Blog Widget vulnerability

WordPress Prime Slider - Addons For Elementor plugin = 3.15.18 - Authenticated Contributor+ Stored Cross-Site Scripting via Blog Widget vulnerability discovered by Robert DeVore in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.15.18...

CVE-2024-9867 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Open Map Widget

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget' markercontent parameter in all versions up to, and including, 5.10.2 due to insufficient input...