100 matches found
CVE-2024-9888
The CVE-2024-9888 entry concerns the WordPress plugin ElementInvader Addons for Elementor. A Stored Cross-Site Scripting (XSS) vulnerability exists in the plugin’s contact form widget redirect URL due to insufficient input sanitization and output escaping on user-supplied attributes. Affected ver...
WordPress plugin ElementInvader Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress ElementInvader Addons for Elementor plugin <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin ElementInvader Addons for Elementor versions = 1.2.8...
PT-2024-39914 · WordPress · Elementinvader Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor plugin for WordPress versions up to, and including, 1.2.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's contact form widget redirect URL due to insufficient input...
WordPress ElementInvader Addons for Elementor Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9888 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2293b37c11ea Credits Coli...
CVE-2024-47630
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.7...
CVE-2024-47630 WordPress ElementInvader Addons for Elementor plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.7...
PT-2024-32688 · Unknown · Elementinvader Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor versions 1.2.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
WordPress plugin ElementInvader Addons for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-38705
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.4...
CVE-2024-38705
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.4...
CVE-2024-38705
CVE-2024-38705 affects ElementInvader Addons for Elementor (WordPress). The vulnerability is a Stored XSS caused by improper neutralization of input during web page generation, affecting ElementInvader Addons for Elementor versions up to and including 1.2.4. Mitigation: upgrade to a version later...
CVE-2024-38705 WordPress ElementInvader Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.4...
CVE-2024-38705 WordPress ElementInvader Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.4...
PT-2024-28149 · Elementor · Elementinvader Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor versions 1.2.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
WordPress ElementInvader Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin ElementInvader Addons for Elementor versions = 1.2.4...
CVE-2024-2308
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link in the EliSlider in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
CVE-2024-2308 ElementInvader Addons for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link in the EliSlider in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
WordPress Plugin ElementInvader Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2024-19658 · WordPress · Elementinvader Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor plugin for WordPress versions up to, and including, 1.2.2 Description: The issue is related to Stored Cross-Site Scripting via the button link in the EliSlider. This is due to insufficient input sanitizatio...