7293 matches found
WordPress Premium Addons for Elementor plugin <= 4.10.52 - Authenticated (Contributor+) Stored Cross-Site Scripting via Media Grid Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Media Grid Widget vulnerability discovered by zer0gh0st in WordPress Plugin Premium Addons for Elementor versions = 4.10.52...
PT-2024-39175 · WordPress · Premium Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.52 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Media Grid widget due to insufficient input sanitization and output...
WordPress plugin Premium Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Mageia: Security Advisory (MGASA-2024-0316)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress Sky Addons for Elementor plugin <= 2.5.11 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Sky Addons for Elementor versions = 2.5.11...
WordPress Sky Addons for Elementor Plugin <= 2.5.11 is vulnerable to Cross Site Scripting (XSS)
Software Sky Addons for Elementor Type Plugin Vulnerable versions = 2.5.11 Fixed in 2.5.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47332 Patch priority Low CVSS severity Low 6.5 Developer Shahidul Islam PSID 1b7a4bbe875a Credits João Pedro S Alcântara Kinor...
CVE-2024-8546
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-8546
CVE-2024-8546 : ElementsKit Elementor addons for WordPress (
WordPress ElementsReady Addons for Elementor plugin <= 6.4.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin ElementsReady Addons for Elementor versions = 6.4.0...
WordPress Elementor Addons by Livemesh plugin <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via piechart_settings Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via piechartsettings Parameter vulnerability discovered by stealthcopter in WordPress Plugin Livemesh Addons for Elementor versions = 8.5...
CVE-2024-8858
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechartsettings’ parameter in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8858
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechartsettings’ parameter in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8858
CVE-2024-8858: Elementor Addons by Livemesh for WordPress is vulnerable to Stored Cross-Site Scripting via the piechart_settings parameter in all versions up to and including 8.5. An authenticated attacker with Contributor-level access or higher can inject scripts that execute when users load the...
CVE-2024-8858 Elementor Addons by Livemesh <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via piechart_settings Parameter
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechartsettings’ parameter in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-8858 Elementor Addons by Livemesh <= 8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via piechart_settings Parameter
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechartsettings’ parameter in all versions up to, and including, 8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Move Addons for Elementor plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by GoatSniff Patchstack Alliance in WordPress Plugin Move Addons for Elementor versions = 1.3.3...
CVE-2024-47303
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addons for Elementor: from n/a through 8.5...
CVE-2024-47303
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in livemesh Livemesh Addons for Elementor addons-for-elementor allows Cross-Site Scripting XSS.This issue affects Livemesh Addons for Elementor: from n/a through = 8.5...
WordPress HT Mega – Absolute Addons For Elementor plugin <= 2.6.5 - Authenticated (Contributor+) Sensitive Information Exposure via template_id vulnerability
Authenticated Contributor+ Sensitive Information Exposure via templateid vulnerability discovered by Ankit Patel in WordPress Plugin HT Mega versions = 2.6.5...
CVE-2024-47303
The CVE-2024-47303 entry concerns the WordPress plugin Livemesh Addons for Elementor (versions