246 matches found
CVE-2024-33635
Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17...
CVE-2024-35656
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...
WordPress Elementor Pro plugin <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via Shortcode vulnerability
Authenticated Contributor+ Sensitive Information Exposure via Shortcode vulnerability discovered by Ankit Patel in WordPress Plugin Elementor Pro versions = 3.25.10...
CVE-2024-35656
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...
CVE-2024-35656
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...
CVE-2024-35656
CVE-2024-35656 is an input handling flaw in Elementor Pro (WordPress) that enables Reflected XSS in the Elementor Website Builder Pro up to version 3.21.2. The issue occurs during web page generation and affects Elementor Pro releases prior to the patched version. The connected documents identify...
CVE-2024-35656 WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...
CVE-2024-35656 WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2...
PT-2024-26602 · Elementor · Elementor Pro
Name of the Vulnerable Software and Affected Versions: Elementor Pro versions 3.21.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS in Elementor Pro. Recommendation...
WordPress Elementor Pro plugin <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Elementor Pro versions = 3.21.2...
WordPress Elementor Pro Plugin <= 3.21.2 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Pro Type Plugin Vulnerable versions = 3.21.2 Fixed in 3.21.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35656 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 41d6dec3f86d Credits Michael Required privilege...
WordPress The Plus Addons for Elementor plugin <= 5.5.6 - Authenticated Local File Inclusion vulnerability
Authenticated Local File Inclusion vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...
WordPress The Plus Addons for Elementor Page Builder plugin <= 5.5.6 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...
WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Cross Site Scripting (XSS)
Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5344 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01ee398507f7 Credits...
WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Local File Inclusion
Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-5455 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 7768d7567cf0 Credits wesley wcraft Required...
CVE-2023-35050
Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0...
CVE-2023-35050 WordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0...
CVE-2023-35050
CVE-2023-35050 affects Elementor Pro (WordPress) up to version 3.13.0 and is a Broken Access Control (Missing Authorization) vulnerability. Patchstack and CVE records indicate the issue requires Subscriber privileges and pertains to unauthorized access to subscriber metadata, with patch 3.13.1 re...
CVE-2023-35050 WordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0...
WordPress plugin Elementor Pro security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...