573 matches found
CVE-2024-1358 Elementor Addon Elements <= 1.12.12 - Directory Traversal to Local File Inclusion
The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on th...
WordPress Plugin Exclusive Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
PT-2024-18032 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the modal popup widget's effect setting due to insufficient input sanitization and outpu...
PT-2024-18004 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the button1 icon attribute of the Dual Button widget due to insufficient input...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Premium Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Elementor Addon Elements Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2024-18005 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.12.12 Description: The issue is related to Stored Cross-Site Scripting via the icon align attribute of the Content Switcher widget due to insufficient input...
Elementor Addon Elements < 1.13 - Contributor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting via the 'button1icon' attribute of the Dual Button widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrar...
WordPress Elementor Addon Elements Plugin <= 1.12.12 is vulnerable to Local File Inclusion
Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.12 Fixed in 1.13 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-1358 Patch priority Low CVSS severity Low 8.8 Developer WPVibes PSID 7c75b4731d57 Credits wesley wcraft Required privilege...
WordPress Elementor Addon Elements Plugin <= 1.12.12 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.12 Fixed in 1.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1422 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 6fd48d0d495c Credits Webbernaut Required...
WordPress Plugin Premium Addons for Elementor Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Elementor Addon Elements Plugin <= 1.12.11 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.11 Fixed in 1.12.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0834 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 65cab16f462f Credits Webbernaut Required...
CVE-2024-0834
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...
CVE-2024-0834
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...
CVE-2024-0834
CVE-2024-0834 affects the WordPress plugin Elementor Addon Elements (versions
CVE-2024-0834
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the linkto parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...