573 matches found
CVE-2021-24264
The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24273
The “Clever Addons for Elementor” WordPress Plugin before 2.1.0 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
Cross site scripting
The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24264 Image Hover Effects - Elementor Addon < 1.3.4 - Contributor+ Stored XSS
The “Image Hover Effects – Elementor Addon” WordPress Plugin before 1.3.4 has a widget that is vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24259
CVE-2021-24259 affects the WordPress plugin Elementor Addon Elements, prior to version 1.11.2. Several widgets allow stored XSS by low-privilege users (e.g., contributors) via crafted input in widget fields (notably Flip Box, Price Table, Timeline), due to insufficient input sanitization. Impact ...
CVE-2021-24259 Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS
The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
WordPress 插件跨站脚本漏洞
WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Elementor Addon Elements Plugin versions prior to 1.11.2. An attacker can exploit this vulnerability to launch a cross-site scripting attack...
WordPress 插件跨站脚本漏洞
WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Image Hover EffectsCElementor Addon Plugin versions prior to 1.3.4. An attacker can exploit this vulnerability to launch a cross-site scripting attack...
PT-2021-15801 · WordPress · Ht Mega – Absolute Addons
Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons for Elementor Page Builder versions prior to 1.5.7 Description: The issue concerns stored Cross-Site Scripting XSS in several widgets of the plugin, which can be exploited by lower-privileged users, such as...
Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS
The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method. The “Flip Box” widget accepts a “fronttitlehtmltag” parameter. Although the element...
WordPress Image Hover Effects – Elementor Addon plugin <= 1.3.3 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities discovered by WordFence in WordPress Image Hover Effects – Elementor Addon plugin versions = 1.3.3. Solution Update the WordPress Image Hover Effects – Elementor Addon plugin to the latest available version at least 1.3.4...
Elementor Addon Elements < 1.6.4 - CSRF & XSS
Antony Garand of Sucuri discovered that multiple WordPress plugins were vulnerable to Cross-Site Scripting XSS within the admin panel, which could be exploited by using s Cross-Site Request Forgery CSRF attack...
Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites
Attention WordPress users! Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder ," or "Ultimate Addons for Elementor " and haven't recently updated them to the latest available versions. Security researchers have discovered a critical yet easy-to-exploit...