Lucene search
K

2311 matches found

Prion
Prion
added 2024/02/29 1:43 a.m.24 views

Cross site scripting

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the side image URL parameter in the Age Gate in all versions up to, and including, 3.10.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

5.5CVSS6AI score0.00496EPSS
Exploits0References3
Prion
Prion
added 2024/02/29 1:43 a.m.24 views

Cross site scripting

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion widget in all versions up to, and including, 5.9.8 due to insufficient input sanitization and output...

5.5CVSS6AI score0.00456EPSS
Exploits0References4
Prion
Prion
added 2024/02/29 1:43 a.m.31 views

Cross site scripting

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter Buttons Widget in all versions up to, and including, 2.7.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

5.5CVSS6.1AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.4 views

WordPress Plugin Essential Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.4CVSS5.9AI score0.00446EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

WordPress Plugin Premium Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...

6.4CVSS5.9AI score0.00406EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

WordPress Plugin Happy Addons for Elementor plugin for WordPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS5.9AI score0.00496EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

WordPress Plugin Essential Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS5.9AI score0.00456EPSS
Exploits0References5
OSV
OSV
added 2024/02/21 7:15 a.m.4 views

CVE-2024-24843

Cross-Site Request Forgery CSRF vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8...

8.8CVSS7.3AI score0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/21 12:0 a.m.3 views

WordPress Plugin PowerPack Addons for Elementor Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS6.7AI score0.0022EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.15 views

CVE-2024-1411 PowerPack Addons for Elementor <= 2.7.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Buttons Widget

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter Buttons Widget in all versions up to, and including, 2.7.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS7AI score0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.40 views

CVE-2024-1411 PowerPack Addons for Elementor <= 2.7.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Buttons Widget

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter Buttons Widget in all versions up to, and including, 2.7.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References2
CVE
CVE
added 2024/02/20 6:56 p.m.75 views

CVE-2024-1411

CVE-2024-1411 affects PowerPack Addons for Elementor (WordPress). The vulnerability is a Stored Cross‑Site Scripting (XSS) in the Twitter Buttons Widget, exploitable via its settings. Affected versions are up to and including 2.7.15. Exploitation requires at least contributor‑level access by an a...

6.4CVSS6.1AI score0.00423EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.40 views

CVE-2024-0438 Happy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wrapper link parameter in the Age Gate in all versions up to, and including, 3.10.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacke...

6.4CVSS5.8AI score0.00581EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/02/20 6:56 p.m.15 views

CVE-2024-1242 Premium Addons for Elementor <= 4.10.18 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up to, and including, 4.10.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS7AI score0.00406EPSS
Exploits0References2
CVE
CVE
added 2024/02/20 6:56 p.m.77 views

CVE-2024-1242

The CVE-2024-1242 entry affects Premium Addons for Elementor (WordPress). Root cause: stored XSS via the button onclick attribute due to insufficient input sanitization and output escaping, exploitable by authenticated users with Contributor+ privileges. Affected versions: up to 4.10.18. Impact d...

6.4CVSS6.1AI score0.00406EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.3 views

PT-2024-17587 · WordPress · Premium Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Premium Addons for Elementor plugin for WordPress versions up to, and including, 4.10.18 Description: The issue is related to Stored Cross-Site Scripting via the button onclick attribute due to insufficient input sanitization and output...

6.4CVSS7.8AI score0.00406EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.4 views

PT-2024-17728 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, specifically via the...

6.4CVSS7.9AI score0.00446EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.8 views

PT-2024-15857 · WordPress · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.10.1 Description: The issue is related to Stored Cross-Site Scripting via the side image URL parameter in the Age Gate due to insufficient input sanitization...

6.4CVSS8AI score0.00496EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/02/13 12:0 a.m.12 views

WordPress Essential Addons for Elementor Plugin <= 5.9.8 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.8 Fixed in 5.9.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1276 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID b864b4f9f50d Credits RandomRoot...

6.4CVSS5.8AI score0.00446EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/02/10 8:15 a.m.5 views

CVE-2024-24831

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.16...

5.4CVSS7.3AI score0.0032EPSS
Exploits0References1
Rows per page
Query Builder