Lucene search
K

573 matches found

OSV
OSV
added 2021/05/05 7:15 p.m.6 views

CVE-2021-24264

The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS5.8AI score0.0059EPSS
Exploits0References2
OSV
OSV
added 2021/05/05 7:15 p.m.4 views

CVE-2021-24273

The “Clever Addons for Elementor” WordPress Plugin before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4CVSS6.1AI score0.0059EPSS
Exploits0References2
Prion
Prion
added 2021/05/05 7:15 p.m.17 views

Cross site scripting

The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

3.5CVSS5.2AI score0.0059EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/05 6:28 p.m.20 views

CVE-2021-24264 Image Hover Effects - Elementor Addon < 1.3.4 - Contributor+ Stored XSS

The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4AI score0.0059EPSS
Exploits0References2
CVE
CVE
added 2021/05/05 6:28 p.m.60 views

CVE-2021-24259

CVE-2021-24259 affects the WordPress plugin Elementor Addon Elements, prior to version 1.11.2. Several widgets allow stored XSS by low-privilege users (e.g., contributors) via crafted input in widget fields (notably Flip Box, Price Table, Timeline), due to insufficient input sanitization. Impact ...

5.4CVSS5.2AI score0.0059EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/05 6:28 p.m.20 views

CVE-2021-24259 Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS

The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...

5.4AI score0.0059EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.5 views

WordPress 插件跨站脚本漏洞

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addon Elements Plugin versions prior to 1.11.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...

5.4CVSS5.3AI score0.0059EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.6 views

WordPress 插件跨站脚本漏洞

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Image Hover EffectsCElementor Addon Plugin versions prior to 1.3.4. An attacker can exploit this vulnerability to launch a cross-site scripting attack...

5.4CVSS5.3AI score0.0059EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/05/05 12:0 a.m.9 views

PT-2021-15801 · WordPress · Ht Mega – Absolute Addons

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons for Elementor Page Builder versions prior to 1.5.7 Description: The issue concerns stored Cross-Site Scripting XSS in several widgets of the plugin, which can be exploited by lower-privileged users, such as...

5.4CVSS6AI score0.00663EPSS
Exploits1References6
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.22 views

Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS

The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Flip Box” widget accepts a “fronttitlehtmltag” parameter. Although the element...

3.5CVSS0.8AI score0.0059EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2021/04/13 12:0 a.m.11 views

WordPress Image Hover Effects – Elementor Addon plugin <= 1.3.3 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities discovered by WordFence in WordPress Image Hover Effects – Elementor Addon plugin versions = 1.3.3. Solution Update the WordPress Image Hover Effects – Elementor Addon plugin to the latest available version at least 1.3.4...

2.1AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/09/09 12:0 a.m.13 views

Elementor Addon Elements < 1.6.4 - CSRF & XSS

Antony Garand of Sucuri discovered that multiple WordPress plugins were vulnerable to Cross-Site Scripting XSS within the admin panel, which could be exploited by using s Cross-Site Request Forgery CSRF attack...

2.2AI score
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2019/12/13 10:21 a.m.6 views

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites

Attention WordPress users! Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder ," or "Ultimate Addons for Elementor " and haven't recently updated them to the latest available versions. Security researchers have discovered a critical yet easy-to-exploit...

5.8AI score
Exploits0
Rows per page
Query Builder