Lucene search
K

120 matches found

NVD
NVD
added 2024/10/05 2:15 p.m.13 views

CVE-2024-47628

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through = 1.3.9.3...

6.5CVSS0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/05 1:23 p.m.13 views

CVE-2024-47628 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.9.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through = 1.3.9.3...

6.5CVSS5.9AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/05 1:23 p.m.28 views

CVE-2024-47628 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.9.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through = 1.3.9.3...

6.5CVSS0.00237EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.10 views

WordPress LA-Studio Element Kit for Elementor Plugin <= 1.3.9.3 is vulnerable to Cross Site Scripting (XSS)

Software LA-Studio Element Kit for Elementor Type Plugin Vulnerable versions = 1.3.9.3 Fixed in 1.3.9.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47628 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8e41d1566ec6 Credits João Pedro S...

6.5CVSS6.8AI score0.00237EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/08/12 10:15 p.m.14 views

CVE-2024-43210

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.9.2...

6.5CVSS5.2AI score0.00245EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/12 9:46 p.m.28 views

CVE-2024-43210 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.9.2...

6.5CVSS0.00245EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/12 9:46 p.m.16 views

CVE-2024-43210 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LA-Studio LA-Studio Element Kit for Elementor allows Stored XSS.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.9.2...

6.5CVSS6.8AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/08/12 9:46 p.m.49 views

CVE-2024-43210

CVE-2024-43210: LA-Studio Element Kit for Elementor is affected by a stored XSS due to improper input neutralization during web page generation. Impact is stored cross-site scripting within pages rendered by the plugin, affecting LA-Studio Element Kit for Elementor versions up to 1.3.9.2 (vendor)...

6.5CVSS6.5AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.5 views

WordPress plugin LA-Studio Element Kit for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6.1AI score0.00245EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/09 10:59 a.m.4 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.9.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.9.2...

6.5CVSS6.1AI score0.00245EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/09 12:0 a.m.11 views

WordPress LA-Studio Element Kit for Elementor Plugin <= 1.3.9.2 is vulnerable to Cross Site Scripting (XSS)

Software LA-Studio Element Kit for Elementor Type Plugin Vulnerable versions = 1.3.9.2 Fixed in 1.3.9.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43210 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2d710467debc Credits Khalid Yusuf...

6.5CVSS6.9AI score0.00245EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/07/02 8:15 a.m.19 views

CVE-2024-37479

Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progresstype" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.8.1...

8.8CVSS0.00443EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/02 7:40 a.m.19 views

CVE-2024-37479 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Contributor+ Local File Inclusion vulnerability

Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progresstype" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.8.1...

8.5CVSS7AI score0.00443EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 7:40 a.m.27 views

CVE-2024-37479 WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Contributor+ Local File Inclusion vulnerability

Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progresstype" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.8.1...

8.5CVSS0.00443EPSS
Exploits0References1
CVE
CVE
added 2024/07/02 7:40 a.m.65 views

CVE-2024-37479

CVE-2024-37479 affects LA-Studio Element Kit for Elementor. A Local File Inclusion flaw exists in the LA-Studio Progress Bar widget, exposed through the progress_type attribute in the New Post context. The issue is labeled as authenticated (Contributor+) LFI, impacting versions up to 1.3.8.1. Exp...

8.8CVSS8.5AI score0.00443EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/02 7:34 a.m.5 views

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.8.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.8.1...

8.8CVSS7AI score0.00443EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/07/02 5:15 a.m.29 views

CVE-2024-5349

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'mapstyle' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

8.8CVSS0.00955EPSS
Exploits0References2
OSV
OSV
added 2024/07/02 5:15 a.m.10 views

CVE-2024-5349

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'mapstyle' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

8.8CVSS6.3AI score0.00955EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/02 4:31 a.m.23 views

CVE-2024-5349 LA-Studio Element Kit for Elementor <= 1.3.8.1 - Authenticated (Contributor+) Local File Inclusion

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'mapstyle' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...

8.8CVSS7.7AI score0.00955EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.5 views

PT-2024-35760 · WordPress · La-Studio Element Kit For Elementor

Name of the Vulnerable Software and Affected Versions: LA-Studio Element Kit for Elementor plugin for WordPress versions up to, and including, 1.3.8.1 Description: The issue allows authenticated attackers with Contributor-level access and above to include and execute arbitrary files on the server...

8.8CVSS8AI score0.00955EPSS
Exploits0References5
Rows per page
Query Builder