70 matches found
CVE-2024-54212
CVE-2024-54212 (WordPress Magical Addons For Elementor) Stored XSS due to improper input neutralization during web page generation. Affected plugin: Magical Addons For Elementor (Header/Footer Builder, Free Elementor Widgets, Elementor Templates Library) up to version 1.2.6 (per CVE description)....
CVE-2024-54212 WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through = 1.3.6...
PT-2024-36090 · Unknown · Noor Alam Magical Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Noor alam Magical Addons For Elementor versions 1.2.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker...
WordPress plugin Magical Addons For Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Magical Addons For Elementor versions = 1.3.6...
CVE-2024-10352
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the getcontenttype function in includes/widgets/content-reveal.php. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2024-10352 Magical Addons For Elementor <= 1.2.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the getcontenttype function in includes/widgets/content-reveal.php. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2024-10352
CVE-2024-10352 affects Magical Addons For Elementor for WordPress (including the Header Footer Builder, Free Elementor Widgets, and Elementor Templates Library). The root cause is a vulnerability in get_content_type() inside includes/widgets/content-reveal.php that allows an authenticated attacke...
WordPress Magical Addons For Elementor plugin <= 1.2.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template vulnerability
Authenticated Contributor+ Sensitive Information Exposure via Elementor Template vulnerability discovered by Ankit Patel in WordPress Plugin Magical Addons For Elementor versions = 1.2.4...
PT-2024-16211 · WordPress · Magical Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Magical Addons For Elementor plugin for WordPress versions up to, and including, 1.2.4 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private, pending, and draft template dat...
WordPress Magical Addons For Elementor Plugin <= 1.2.4 is vulnerable to Sensitive Data Exposure
Software Magical Addons For Elementor Type Plugin Vulnerable versions = 1.2.4 Fixed in 1.2.5 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10352 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7aa4ffe94751 Credits Ankit Patel...
WordPress plugin Magical Addons For Elementor 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...
CVE-2024-51665
Server-Side Request Forgery SSRF vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through = 1.2.1...
CVE-2024-51665
Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1...
CVE-2024-51665 WordPress Magical Addons For Elementor plugin <= 1.2.1 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through = 1.2.1...
CVE-2024-51665 WordPress Magical Addons For Elementor plugin <= 1.2.1 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through = 1.2.1...
WordPress plugin Magical Addons For Elementor 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
PT-2024-34810 · Noor Alam · Magical Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Magical Addons For Elementor versions 1.2.1 and earlier Description: A Server-Side Request Forgery SSRF vulnerability is present in Noor alam Magical Addons For Elementor, allowing Server Side Request Forgery. Recommendations: For versions...
WordPress Magical Addons For Elementor plugin <= 1.2.1 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Magical Addons For Elementor versions = 1.2.1...
CVE-2024-38730
Server-Side Request Forgery SSRF vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41...