185 matches found
CVE-2024-9618
CVE-2024-9618: Master Addons for Elementor (WordPress) is affected by a Stored Cross-Site Scripting vulnerability in multiple widgets, present in all versions up to 2.0.7.2. Root cause is insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authen...
WordPress Master Addons plugin <= 2.0.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.7.2...
WordPress Master Addons plugin <= 2.0.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin Master Addons for Elementor versions = 2.0.7.1...
WordPress plugin Master Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress plugin Master Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2024-9502
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502 Master Addons -- Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip Module
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502 Master Addons -- Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip Module
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip module in all versions up to, and including, 2.0.6.7 due to insufficient input sanitization and...
CVE-2024-9502
CVE-2024-9502 : Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip module in all versions up to 2.0.6.7 due to insufficient input sanitization and output escaping on us...
PT-2025-3725 · WordPress · The Master Addons – Elementor Addons
Name of the Vulnerable Software and Affected Versions: Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress versions up to, and including, 2.0.6.7 Description: The issue concerns a stored cross-site scripting vulnerability v...
WordPress plugin Master Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Master Addons plugin <= 2.0.9.9.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Michael in WordPress Plugin Master Addons for Elementor versions = 2.0.9.9.4...
CVE-2024-6282
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-jltma-wrapper-link element in all versions up to, and including 2.0.6.4 due to insufficient input sanitization and output...
WordPress Master Addons plugin <= 2.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-jltma-wrapper-link Element vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via data-jltma-wrapper-link Element vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.6.4...
PT-2024-37510 · WordPress · The Master Addons
Name of the Vulnerable Software and Affected Versions: The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress versions up to, and including 2.0.6.4 Description: The issue is related to Stored Cross-Site Scripting via the...
WordPress plugin Master Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Master Addons for Elementor Plugin <= 2.0.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Master Addons for Elementor Type Plugin Vulnerable versions = 2.0.6.4 Fixed in 2.0.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6282 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4a14125827b6 Credits Webberna...
CVE-2024-38710
CVE-2024-38710 : Stored XSS in Master Addons for Elementor (WordPress plugin) up to version 2.0.6.2. Root cause: improper neutralization during web page generation. Affected: Master Addons for Elementor. Impact: authenticated users may inject script that could be stored and served to other users;...
CVE-2024-38710 WordPress Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin <= 2.0.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.2...