Lucene search
+L

246 matches found

redhatcve
redhatcve
added 2025/02/05 2:37 a.m.9 views

CVE-2024-33635

Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17...

7.5CVSS5.2AI score0.00566EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/04 10:14 p.m.7 views

CVE-2024-35656

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...

7.1CVSS6.9AI score0.00331EPSS
Exploits0References1
patchstack
patchstack
added 2025/01/30 7:19 a.m.6 views

WordPress Elementor Pro plugin <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via Shortcode vulnerability

Authenticated Contributor+ Sensitive Information Exposure via Shortcode vulnerability discovered by Ankit Patel in WordPress Plugin Elementor Pro versions = 3.25.10...

6.5CVSS7AI score0.00297EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2024/07/22 10:15 a.m.32 views

CVE-2024-35656

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...

7.1CVSS0.00331EPSS
Exploits0References1
osv
osv
added 2024/07/22 10:15 a.m.5 views

CVE-2024-35656

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...

6.1CVSS5.8AI score0.00331EPSS
Exploits0References1
cve
cve
added 2024/07/22 10:2 a.m.243 views

CVE-2024-35656

CVE-2024-35656 is an input handling flaw in Elementor Pro (WordPress) that enables Reflected XSS in the Elementor Website Builder Pro up to version 3.21.2. The issue occurs during web page generation and affects Elementor Pro releases prior to the patched version. The connected documents identify...

7.1CVSS7AI score0.00331EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/07/22 10:2 a.m.37 views

CVE-2024-35656 WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...

7.1CVSS0.00331EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/07/22 10:2 a.m.196 views

CVE-2024-35656 WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...

7.1CVSS7AI score0.00331EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/07/22 12:0 a.m.7 views

PT-2024-26602 · Elementor · Elementor Pro

Name of the Vulnerable Software and Affected Versions: Elementor Pro versions 3.21.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS in Elementor Pro. Recommendation...

7.1CVSS5.7AI score0.00331EPSS
Exploits0References5
patchstack
patchstack
added 2024/06/28 8:31 a.m.8 views

WordPress Elementor Pro plugin <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Elementor Pro versions = 3.21.2...

7.1CVSS6.1AI score0.00331EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/06/28 12:0 a.m.24 views

WordPress Elementor Pro Plugin <= 3.21.2 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Pro Type Plugin Vulnerable versions = 3.21.2 Fixed in 3.21.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35656 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 41d6dec3f86d Credits Michael Required privilege...

7.1CVSS6.6AI score0.00331EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/06/20 5:29 p.m.8 views

WordPress The Plus Addons for Elementor plugin <= 5.5.6 - Authenticated Local File Inclusion vulnerability

Authenticated Local File Inclusion vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...

8.8CVSS7AI score0.00619EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/06/20 5:28 p.m.7 views

WordPress The Plus Addons for Elementor Page Builder plugin <= 5.5.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...

6.1CVSS6.3AI score0.0031EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/06/20 12:0 a.m.15 views

WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Cross Site Scripting (XSS)

Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5344 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01ee398507f7 Credits...

6.1CVSS5.7AI score0.0031EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2024/06/20 12:0 a.m.17 views

WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Local File Inclusion

Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5455 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 7768d7567cf0 Credits wesley wcraft Required...

8.8CVSS6.9AI score0.00619EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2024/06/19 1:15 p.m.30 views

CVE-2023-35050

Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0...

5.4CVSS0.00314EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/06/19 12:28 p.m.19 views

CVE-2023-35050 WordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerability

Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0...

5.4CVSS7.2AI score0.00314EPSS
Exploits0References1
cve
cve
added 2024/06/19 12:28 p.m.63 views

CVE-2023-35050

CVE-2023-35050 affects Elementor Pro (WordPress) up to version 3.13.0 and is a Broken Access Control (Missing Authorization) vulnerability. Patchstack and CVE records indicate the issue requires Subscriber privileges and pertains to unauthorized access to subscriber metadata, with patch 3.13.1 re...

5.4CVSS6.5AI score0.00314EPSS
Exploits0References1
cvelist
cvelist
added 2024/06/19 12:28 p.m.26 views

CVE-2023-35050 WordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerability

Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0...

5.4CVSS0.00314EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/06/19 12:0 a.m.5 views

WordPress plugin Elementor Pro security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS6.8AI score0.00314EPSS
Exploits0References2
Rows per page
Query Builder