7293 matches found
CVE-2024-6495 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-6495
CVE-2024-6495 refers to a Stored DOM-based Cross-Site Scripting vulnerability in the Premium Addons for Elementor WordPress plugin (versions up to 4.10.36) due to insufficient input sanitization and output escaping in the Animated Text widget. Exploitation requires authenticated access (contribut...
CVE-2024-6495 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Premium Addons for Elementor plugin <= 4.10.36 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Animated Text Widget vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Animated Text Widget vulnerability discovered by Webbernaut in WordPress Plugin Premium Addons for Elementor versions = 4.10.36...
WordPress plugin Premium Addons for Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exists in th...
WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Magical Addons For Elementor versions = 1.1.41...
WordPress Master Addons for Elementor plugin <= 2.0.6.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Master Addons for Elementor versions = 2.0.6.2...
WordPress ElementInvader Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin ElementInvader Addons for Elementor versions = 1.2.4...
WordPress Magical Addons For Elementor Plugin <= 1.1.41 is vulnerable to Server Side Request Forgery (SSRF)
Software Magical Addons For Elementor Type Plugin Vulnerable versions = 1.1.41 Fixed in 1.1.42 OWASP Top 10 A10: Server-Side Request Forgery SSRF Classification Server Side Request Forgery SSRF CVE CVE-2024-38730 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID fde356989d5f...
WordPress ElementInvader Addons for Elementor Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS)
Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38705 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 746db74502e1 Credits Michael Required...
WordPress Sky Addons for Elementor plugin <= 2.5.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Sky Addons for Elementor versions = 2.5.5...
WordPress Magical Addons For Elementor plugin <= 1.1.41 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SouzaZinn Patchstack Alliance in WordPress Plugin Magical Addons For Elementor versions = 1.1.41...
WordPress WPBITS Addons For Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin WPBITS Addons For Elementor Page Builder versions = 1.5...
CVE-2024-4866 UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.1.6 due to insufficient input...
PT-2024-33179 · WordPress · Ultraaddons
Name of the Vulnerable Software and Affected Versions: UltraAddons – Elementor Addons plugin for WordPress versions up to, and including, 1.1.6 Description: The issue is related to Stored Cross-Site Scripting via multiple widgets due to insufficient input sanitization and output escaping on...
WordPress SKT Addons for Elementor Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Software SKT Addons for Elementor Type Plugin Vulnerable versions = 3.1 Fixed in 3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38674 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 02254511f638 Credits 4rCanJ0x! Required privilege...
WordPress Magical Addons For Elementor Plugin <= 1.1.41 is vulnerable to Cross Site Scripting (XSS)
Software Magical Addons For Elementor Type Plugin Vulnerable versions = 1.1.41 Fixed in 1.1.42 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38681 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3c7be40ba089 Credits SouzaZinn Required...
WordPress Sky Addons for Elementor Plugin <= 2.5.5 is vulnerable to Cross Site Scripting (XSS)
Software Sky Addons for Elementor Type Plugin Vulnerable versions = 2.5.5 Fixed in 2.5.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38687 Patch priority Low CVSS severity Low 6.5 Developer Shahidul Islam PSID d7729ac64aec Credits Khalid Yusuf Required privileg...
WordPress WPBITS Addons For Elementor Page Builder Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)
Software WPBITS Addons For Elementor Page Builder Type Plugin Vulnerable versions = 1.5 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37945 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6f6499d9aa17 Credits Michael Require...
CVE-2024-37520
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through = 2.1.12...