7293 matches found
WordPress plugin Essential Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2024-6282
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-jltma-wrapper-link element in all versions up to, and including 2.0.6.4 due to insufficient input sanitization and output...
WordPress Master Addons plugin <= 2.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-jltma-wrapper-link Element vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via data-jltma-wrapper-link Element vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.6.4...
PT-2024-37510 · WordPress · The Master Addons
Name of the Vulnerable Software and Affected Versions: The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress versions up to, and including 2.0.6.4 Description: The issue is related to Stored Cross-Site Scripting via the...
WordPress plugin Master Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Master Addons for Elementor Plugin <= 2.0.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Master Addons for Elementor Type Plugin Vulnerable versions = 2.0.6.4 Fixed in 2.0.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6282 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4a14125827b6 Credits Webberna...
CVE-2024-7611
The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute of the Events Card widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-7611
CVE-2024-7611 affects Enter Addons – Ultimate Template Builder for Elementor (WordPress). The vulnerability is a Stored Cross-Site Scripting via the Events Card widget's tag attribute, caused by insufficient input sanitization and output escaping on user-supplied attributes in versions up to 2.1....
PT-2024-38451 · WordPress · Enter Addons – Ultimate Template Builder For Elementor
Name of the Vulnerable Software and Affected Versions: Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress versions up to, and including, 2.1.8 Description: The issue is related to Stored Cross-Site Scripting via the tag attribute of the Events Card widget due to...
WordPress plugin Enter Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2024-43960
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6...
CVE-2024-43953
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0...
CVE-2024-43953
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through = 3.5...
CVE-2024-43953 WordPress Classic Addons – WPBakery Page Builder plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through = 3.5...
CVE-2024-43953
CVE-2024-43953 : Stored XSS in Classic Addons – WPBakery Page Builder (Classic Addons) affecting versions up to 3.0. Root cause: improper neutralization of input during web page generation. Public documents do not provide exploitation details or a patch status; monitor for updates from the vendor...
CVE-2024-43953 WordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0...
CVE-2024-43960 WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.4.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6...
CVE-2024-43960
CVE-2024-43960: Stored XSS in Web and WooCommerce Addons for WPBakery Builder (WPBakery Page Builder) due to improper input neutralization. Affected: Web and WooCommerce Addons for WPBakery Builder, versions n/a–1.4.6. Impact: stored cross-site scripting; specifics on exploit vectors and patch st...
WordPress Royal Elementor Addons and Templates plugin <= 1.3.982 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Royal Elementor Addons versions = 1.3.982...
WordPress plugin Classic Addons – WPBakery Page Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...