Lucene search
+L

47 matches found

Cvelist
Cvelist
added 2024/06/13 5:34 a.m.31 views

CVE-2024-5757 Elementor Header & Footer Builder <= 1.6.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00401EPSS
Exploits0References4
CVE
CVE
added 2024/06/13 5:34 a.m.58 views

CVE-2024-5757

CVE-2024-5757 affects the Elementor Header & Footer Builder plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) via the Site Title widget’s url attribute in all versions up to and including 1.6.35, caused by insufficient input sanitization and output escaping. Exploitat...

6.4CVSS5.5AI score0.00401EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.5 views

WordPress plugin Elementor Header & Footer Builder security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS6AI score0.00401EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.6 views

PT-2024-37124 · WordPress · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.35 Description: The issue is related to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget due to insufficient inpu...

6.4CVSS6.2AI score0.00401EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/06/12 8:6 a.m.5 views

WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Authenticated Stored Cross-Site Scripting via Site Title Widget vulnerability

Authenticated Stored Cross-Site Scripting via Site Title Widget vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.35...

6.4CVSS5.7AI score0.00401EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/24 6:6 a.m.6 views

WordPress Elementor Header & Footer Builder plugin <= 1.6.26 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.26...

6.4CVSS5.8AI score0.00322EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/05/24 5:15 a.m.24 views

CVE-2024-2618

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the size attribute in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00322EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/24 4:29 a.m.21 views

CVE-2024-2618 Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the size attribute in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00322EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/24 12:0 a.m.10 views

WordPress plugin Elementor Header & Footer Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.8AI score0.00322EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.7 views

PT-2024-21305 · WordPress · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.26 Description: The issue is related to Stored Cross-Site Scripting via the size attribute due to insufficient input sanitization and output escaping...

6.4CVSS5.9AI score0.00322EPSS
Exploits0References7
OSV
OSV
added 2024/05/16 9:16 p.m.7 views

CVE-2024-2619

The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject...

5.4CVSS5.8AI score0.00377EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/16 8:31 p.m.45 views

CVE-2024-2619 Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Author+) HTML Injection

The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject...

5CVSS5.5AI score0.00377EPSS
Exploits0References4
OSV
OSV
added 2024/05/16 11:15 a.m.7 views

CVE-2024-4634

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfesvgmimetypes’ function in versions up to, and including, 1.6.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.9AI score0.00357EPSS
Exploits0References3
NVD
NVD
added 2024/05/16 11:15 a.m.24 views

CVE-2024-4634

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfesvgmimetypes’ function in versions up to, and including, 1.6.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00357EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/16 11:5 a.m.49 views

CVE-2024-4634 Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfesvgmimetypes’ function in versions up to, and including, 1.6.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6.3AI score0.00357EPSS
Exploits0References3
CVE
CVE
added 2024/05/16 11:5 a.m.85 views

CVE-2024-4634

CVE-2024-4634 (Elementor Header & Footer Builder, WordPress) stores cross-site scripting via the hfe_svg_mime_types path in versions up to 1.6.28 due to insufficient input sanitization and output escaping. The issue requires authentication (contributors or higher) to inject arbitrary scripts that...

6.4CVSS5.7AI score0.00357EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/05/16 8:31 a.m.8 views

WordPress Elementor Header & Footer Builder plugin <= 1.6.26 - Authenticated (Author+) HTML Injection vulnerability

Authenticated Author+ HTML Injection vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.26...

5.4CVSS7.2AI score0.00377EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.6 views

WordPress plugin Elementor Header & Footer Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.9AI score0.00357EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.9 views

PT-2024-31964 · WordPress · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.28 Description: The issue is related to Stored Cross-Site Scripting via the hfe svg mime types function due to insufficient input sanitization and outpu...

6.4CVSS6AI score0.00357EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.5 views

WordPress plugin Elementor Header & Footer Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.8AI score0.00377EPSS
Exploits0References5
Rows per page
Query Builder