CVE-2024-54224 WordPress ElementsReady Addons for Elementor plugin <= 6.4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in quomodosoft ElementsReady Addons for Elementor element-ready-lite allows DOM-Based XSS.This issue affects ElementsReady Addons for Elementor: from n/a through = 6.4.7...

CVE-2024-54228

The CVE CVE-2024-54228 affects WebOccult Technologies Pvt Ltd Wot Elementor Widgets (WordPress plugin). It is a DOM-based Cross-Site Scripting (XSS) vulnerability introduced by improper input neutralization during web page generation, affecting versions from n/a up to 1.0.1. Public sources in the...

CVE-2024-54230 WordPress Unlock Addons for Elementor plugin <= 2.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Masud Hasan Unlock Addons for Elementor unlock-addons-for-elementor allows DOM-Based XSS.This issue affects Unlock Addons for Elementor: from n/a through = 2.2.4...

CVE-2024-54230 WordPress Unlock Addons for Elementor plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPRealizer Unlock Addons for Elementor allows DOM-Based XSS.This issue affects Unlock Addons for Elementor: from n/a through 1.0.0...

CVE-2024-54230

CVE-2024-54230 describes a DOM-based cross-site scripting (XSS) vulnerability in the WordPress plugin Unlock Addons for Elementor (WPRealizer Unlock Addons for Elementor). The issue arises from improper neutralization of input during web page generation. The CVE text indicates the flaw affects Un...

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

PT-2024-36106 · Unknown · Wot Elementor Widgets

Name of the Vulnerable Software and Affected Versions: Wot Elementor Widgets versions 1.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows DOM-Based XSS. This means that an attacker could potentially inject malicious...

CVE-2024-53823

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a...

CVE-2024-53796

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows DOM-Based XSS.This issue affects themesflat-addons-for-elementor: from n/a through = 2.2.2...

CVE-2024-53796 WordPress Themesflat Addons For Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows DOM-Based XSS.This issue affects themesflat-addons-for-elementor: from n/a through = 2.2.2...

CVE-2024-53796

CVE-2024-53796 concerns Themesflat Addons For Elementor. The vulnerability is an improper neutralization of input during web page generation, leading to a DOM-based XSS in the plugin. Affected product: Themesflat Addons For Elementor (versions up to and including 2.2.2, with the core issue named ...

CVE-2024-53823

CVE-2024-53823 involves a DOM-based cross-site scripting (XSS) vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite (WordPress plugin). The root cause is improper neutralization of input during web page generation, enabling XSS in affected pages. Affected software: The Plus A...

CVE-2024-53823 WordPress The Plus Addons for Elementor plugin <= 5.6.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14...

WordPress FV Flowplayer Video Player plugin <= 7.5.47.7212 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin FV Flowplayer Video Player versions = 7.5.47.7212...

WordPress NextGEN Gallery plugin <= 3.59.4 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin NextGEN Gallery versions = 3.59.4...

WordPress Colibri Page Builder plugin <= 1.0.286 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Colibri Page Builder versions = 1.0.286...

WordPress Easy Social Feed Premium plugin <= 6.6.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Easy Social Feed Premium versions = 6.6.2...

CVE-2024-53741

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Garrett Grimm Simple Popup simple-popup-plugin allows DOM-Based XSS.This issue affects Simple Popup: from n/a through = 4.6...

CVE-2024-53709

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nasir Uddin Generic Elements generic-elements-for-elementor allows DOM-Based XSS.This issue affects Generic Elements: from n/a through = 1.2.5...

CVE-2024-52502

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ImbaSynergy ImbaChat imbachat-widget allows DOM-Based XSS.This issue affects ImbaChat: from n/a through = 3.1.4...