375 matches found
PT-2023-3024 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Essential Addons for Elementor versions 5.4.0 through 5.7.1 Description: An improper authentication issue exists in Essential Addons for Elementor. Exploitation of this issue may allow a remote attacker to escalate their privileges. Real-worl...
WordPress Essential Addons for Elementor Plugin < 5.0.9 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpdeveloper:essentialaddonsforelementor"; ifdescription...
CVE-2022-0683
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...
CVE-2022-0683 Essential Addons for Elementor Lite <= 5.0.8 Reflected Cross-Site Scripting
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...
CVE-2022-0683
CVE-2022-0683 affects the WordPress plugin WordPress Essential Addons for Elementor Lite. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient escaping and sanitization of the settings parameter found in includes/Traits/Helper.php, exploitable when a user clicks a crafted link. A...
WordPress Essential Addons for Elementor Plugin < 5.0.5 LFI Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpdeveloper:essentialaddonsforelementor"; ifdescription...
CVE-2022-0320
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead ...
CVE-2022-0320
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead ...
CVE-2022-0320
The CVE-2022-0320 entry documents a Local File Inclusion (LFI) vulnerability in the WordPress plugin Essential Addons for Elementor, affecting versions prior to 5.0.5. The root cause is improper validation/sanitation of template data used in include statements, enabling unauthenticated attackers ...
CVE-2022-0320 Essential Addons for Elementor < 5.0.5 - Unauthenticated LFI
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead ...
CVE-2021-24255
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
CVE-2021-24255
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
Cross site scripting
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
CVE-2021-24255 Essential Addons for Elementor < 4.5.4 - Contributor+ Stored Cross-Site Scripting (XSS)
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...
WordPress Essential Addons for Elementor Lite 跨站脚本漏洞
WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Essential Addons for Elementor Lite Plugin versions prior to 4.5.4. An attacker can exploit this vulnerability to launch a cross-site scripting attack...