7267 matches found
CVE-2021-24263
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24257
The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24257
The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24255
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
CVE-2021-24255
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
Cross site scripting
The “Ultimate Addons for Elementor” WordPress Plugin before 1.30.0 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
Cross site scripting
The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
Cross site scripting
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
Cross site scripting
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
CVE-2021-24271 Ultimate Addons for Elementor < 1.30.0 - Contributor+ Stored XSS
The “Ultimate Addons for Elementor” WordPress Plugin before 1.30.0 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24273
The CVE-2021-24273 entry concerns the WordPress plugin “Clever Addons for Elementor” (versions before 2.1.0). Concrete details from connected sources show a Stored XSS vulnerability in multiple widgets that can be triggered by lower-privileged users (e.g., contributors) via a common method. Impac...
CVE-2021-24271
CVE-2021-24271 affects the WordPress plugin Ultimate Addons for Elementor (before 1.30.0). The vulnerability is a stored XSS in several widgets, exploitable by lower-privileged users (e.g., contributors) via a similar method. Connected sources confirm the affected version and context; the advisor...
CVE-2021-24260 Livemesh Addons for Elementor < 6.8 - Contributor+ Stored XSS
The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24263 PowerPack Addons for Elementor < 2.3.2 - Contributor+ Stored XSS
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24260
The CVE-2021-24260 entry concerns the WordPress plugin Livemesh Addons for Elementor (before version 6.8). Connected data provide concrete details: multiple widgets expose stored XSS by low-privileged users (e.g., contributors) via insufficient sanitization in widget controls. Specific examples i...
CVE-2021-24261
CVE-2021-24261 affects WordPress HT Mega – Absolute Addons for Elementor Page Builder prior to 1.5.7 . Public sources describe stored XSS in multiple widgets (for example, htmega_call_to_action, htmega_section_title, htmega_accordion, and related fields) that can be exploited by lower-privileged ...
CVE-2021-24257
CVE-2021-24257 affects the WordPress plugin Premium Addons for Elementor prior to version 4.2.8. The issue is stored cross-site scripting (XSS) in multiple widgets accessible to low-privilege users (e.g., contributors). The OpenVAS and WPVulnDB entries provide concrete details, including widget-r...
CVE-2021-24262
The CVE concerns the WordPress plugin WooLentor – WooCommerce Elementor Addons + Builder (versions before 1.8.6). A widget, specifically the product title widget, is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users (e.g., contributors) via a flaw in the allowed input for ...
CVE-2021-24255 Essential Addons for Elementor < 4.5.4 - Contributor+ Stored Cross-Site Scripting (XSS)
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
Elementor 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A security vulnerability exists in WordPress Livemesh...