CVE-2024-4333

The Sina Extension for Elementor Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via several parameters in versions up to, and including, 3.5.3 due to insufficient input...

CVE-2024-50521

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in alleythemes Alley Elementor Widget alley-elementor-widget allows DOM-Based XSS.This issue affects Alley Elementor Widget: from n/a through = 1.0.7...

CVE-2024-50543

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mudssar amazing neo icon font for elementor amazing-neo-icon-font-for-elementor allows DOM-Based XSS.This issue affects amazing neo icon font for elementor: from n/a through = 2.0.1...

CVE-2024-50553

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Classy Addons Classy Addons for Elementor classy-addons-for-elementor allows DOM-Based XSS.This issue affects Classy Addons for Elementor: from n/a through = 1.2.7...

CVE-2024-50542

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through = 1.3.1...

CVE-2024-5327

The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘ppanimatedgradientbgcolor’ parameter in all versions up to, and including, 2.7.19 due to insufficient input sanitization and output...

CVE-2024-54338

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in christerf Hello Event Widgets For Elementor hello-event-widgets-for-elementor allows DOM-Based XSS.This issue affects Hello Event Widgets For Elementor: from n/a through = 1.0.2...

CVE-2024-54334

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in zeshanb Quran Phrases About Most People Shortcodes quran-phrases-about-most-people-shortcodes allows DOM-Based XSS.This issue affects Quran Phrases About Most People Shortcodes: from n/a through =...

CVE-2024-54316

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicheaddons Restaurant & Cafe Addon for Elementor restaurant-cafe-addon-for-elementor allows DOM-Based XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through = 1.5.8...

CVE-2024-54345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 Bicycleshop bicycleshop allows DOM-Based XSS.This issue affects Bicycleshop: from n/a through = 1.5...

CVE-2024-54228

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Weboccult Technologies Pvt Ltd Wot Elementor Widgets wot-elementor-widgets allows DOM-Based XSS.This issue affects Wot Elementor Widgets: from n/a through = 1.0.1...

CVE-2024-54346

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 Barter barter allows DOM-Based XSS.This issue affects Barter: from n/a through = 1.6...

CVE-2024-54230

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Masud Hasan Unlock Addons for Elementor unlock-addons-for-elementor allows DOM-Based XSS.This issue affects Unlock Addons for Elementor: from n/a through = 2.2.4...

CVE-2024-54315

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicheaddons Events Addon for Elementor events-addon-for-elementor allows DOM-Based XSS.This issue affects Events Addon for Elementor: from n/a through = 2.2.2...

CVE-2024-54250

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows DOM-Based XSS.This issue affects Prodigy Commerce: from n/a through = 3.0.8...

CVE-2024-5819

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data attributes in all versions up to, and including, 3.2.45 due to insufficient input sanitization and output escaping on user supplied...

CVE-2024-51935

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sam Perrow Fast Video and Image Display fast-video-and-image-display allows DOM-Based XSS.This issue affects Fast Video and Image Display: from n/a through = 2.5.2...

CVE-2024-51836

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teconce Wezido wezido-elementor-addon-based-on-easy-digital-downloads allows DOM-Based XSS.This issue affects Wezido: from n/a through = 1.2...

CVE-2024-51584

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anas2004 Marquee Elementor with Posts marquee-elementor allows DOM-Based XSS.This issue affects Marquee Elementor with Posts: from n/a through = 1.2.0...

CVE-2024-51827

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Movement Ventures Boombox Shortcode boombox-shortcode allows DOM-Based XSS.This issue affects Boombox Shortcode: from n/a through = 1.0.0...