7293 matches found
CVE-2024-5818 Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...
WordPress Royal Elementor Addons and Templates plugin <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget vulnerability discovered by Webbernaut in WordPress Plugin Royal Elementor Addons versions = 1.3.980...
PT-2024-37180 · WordPress · The Royal Elementor Addons/Templates
Name of the Vulnerable Software and Affected Versions: The Royal Elementor Addons and Templates plugin for WordPress versions up to, and including, 1.3.980 Description: The issue is related to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget due to insufficient...
WordPress Royal Elementor Addons Plugin <= 1.3.980 is vulnerable to Cross Site Scripting (XSS)
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.980 Fixed in 1.3.981 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5818 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 21750c8b6654 Credits Webbernaut Required...
WordPress plugin Royal Elementor Addons and Templates 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-38730
Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...
CVE-2024-38730
Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...
CVE-2024-38730 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...
CVE-2024-38730
CVE-2024-38730: SSRF in Magical Addons For Elementor (WordPress plugin) affects Magical Addons For Elementor versions n/a through 1.1.41. Evidence in multiple feeds links to WordPress/plugin vulnerability tracking indicates the issue is present up to 1.1.41 and has been patched in later versions....
CVE-2024-38730 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...
CVE-2024-37244
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ninja Team Ninja Beaver Add-ons for Beaver Builder allows Stored XSS.This issue affects Ninja Beaver Add-ons for Beaver Builder: from n/a through 2.4.5...
CVE-2024-37121
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...
CVE-2024-37121
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...
CVE-2024-37121 WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...
CVE-2024-37121
CVE-2024-37121 is a Stored XSS vulnerability in WordPress plugin Shortcode Addons (biplob018 Shortcode Addons) affecting versions up to 3.2.5. The issue is described as Improper Neutralization of Input During Web Page Generation. Public details in connected sources confirm the vulnerability vecto...
CVE-2024-37121 WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...
CVE-2024-37409
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Stored XSS.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.4...
CVE-2024-37263
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6...
CVE-2024-37263
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ThemeLooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.6...
CVE-2024-37263
CVE-2024-37263 is a stored Cross-Site Scripting (XSS) vulnerability in WordPress plugin Enter Addons – Ultimate Template Builder for Elementor. Affected software: Enter Addons: from n/a through 2.1.6. The issue arises from improper neutralization of input during web page generation. Impact is sto...