185 matches found
WordPress Master Addons for Elementor Plugin < 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Master Addons for Elementor Type Plugin Vulnerable versions 2.0.3 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1cb661f3de8e Credits Rafie Muhammad...
CVE-2022-0327
The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...
CVE-2022-0327
CVE-2022-0327 concerns the WordPress plugin Master Addons for Elementor (before 1.8.5). The flaw arises because the plugin does not sanitize/escape the error_message parameter when returning it in the response to the jltma_restrict_content AJAX action, which is accessible to both unauthenticated ...
CVE-2022-0327 Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting
The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...
WordPress plugin 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress Master Addons for Elementor plugin versions prior to 1.8.5 contain a cross-site scripting vulnerability that stems from the plugin's...