CVE-2024-26055 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...

CVE-2024-26055 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...

CVE-2024-26055

CVE-2024-26055 affects Adobe Experience Manager 6.5.20 and earlier with a DOM-based Cross-Site Scripting (XSS) vulnerability. The issue could allow an attacker to run arbitrary JavaScript in the victim’s browser context, typically requiring user interaction (e.g., clicking a crafted link or submi...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The solution supports mobile content management, marketing and sales campaign management, and multi-site management. A...

Adobe Experience Manager 安全漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2024-5553

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-5553

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-5553 Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-5553 Premium Addons for Elementor <= 4.10.33 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The Premium Addons for Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via several parameters in all versions up to, and including, 4.10.33 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-5553

CVE-2024-5553 affects Premium Addons for Elementor for WordPress (versions up to and including 4.10.33). It is a DOM-Based Stored Cross-Site Scripting vulnerability caused by insufficient input sanitization and output escaping. Authenticated attackers with Contributor-level access or higher can i...

PT-2024-36542 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.33 Description: The issue is related to DOM-Based Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows...

CVE-2024-5327

The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘ppanimatedgradientbgcolor’ parameter in all versions up to, and including, 2.7.19 due to insufficient input sanitization and output...

CVE-2024-5327 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘ppanimatedgradientbgcolor’ parameter in all versions up to, and including, 2.7.19 due to insufficient input sanitization and output...

CVE-2024-5327

PowerPack Addons for Elementor (PowerPack Lite for Elementor)

CVE-2024-5327 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘ppanimatedgradientbgcolor’ parameter in all versions up to, and including, 2.7.19 due to insufficient input sanitization and output...

PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) < 2.7.20 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

Description The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘ppanimatedgradientbgcolor’ parameter in all versions up to, and including, 2.7.19 due to insufficient input sanitization and...

CVE-2024-4619

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘hoveranimation’ parameter in versions up to, and including, 3.21.5 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2024-4619

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘hoveranimation’ parameter in versions up to, and including, 3.21.4 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2024-4619

CVE-2024-4619 affects Elementor Website Builder – More than Just a Page Builder for WordPress. The vulnerability is DOM-based Stored XSS in the hover_animation parameter, Web impact per sources: attacker with contributor+ permissions can inject scripts that execute when users load the affected pa...