CVE-2024-7064

creationtimestamp| type| source ---|---|--- 2024-08-15 09:16:56+00:00| seen| https://t.me/cvedetector/3229...

CVE-2024-7064 ElementsKit Pro <= 3.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access an...

WordPress ElementsKit Pro Plugin <= 3.6.5 is vulnerable to Cross Site Scripting (XSS)

Software ElementsKit Pro Type Plugin Vulnerable versions = 3.6.5 Fixed in 3.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7064 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ae540cd84ef6 Credits Webbernaut Required...