WordPress Elementor – Header, Footer & Blocks Template Plugin <= 1.6.35 is vulnerable to Cross Site Scripting (XSS)

Software Elementor – Header, Footer & Blocks Template Type Plugin Vulnerable versions = 1.6.35 Fixed in 1.6.36 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33933 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cf61ccd0288a Credits wcraft...

CVE-2021-24256

The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...