CVE-2024-4208

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the typer effect in the advanced heading widget in all versions up to, and including, 3.2.37 due to insufficient input sanitization and output escaping on user...

CVE-2024-2136

The WPKoi Templates for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Heading widget in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-2136 WPKoi Templates for Elementor <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Heading Widget

The WPKoi Templates for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Heading widget in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2024-18861 · WordPress · Wpkoi Templates For Elementor

Name of the Vulnerable Software and Affected Versions: WPKoi Templates for Elementor plugin for WordPress versions up to, and including, 2.5.6 Description: The issue is related to Stored Cross-Site Scripting via the Advanced Heading widget due to insufficient input sanitization and output escapin...