Lucene search
K

185 matches found

Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Master Addons for Elementor Plugin < 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Master Addons for Elementor Type Plugin Vulnerable versions 2.0.3 Fixed in 2.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1cb661f3de8e Credits Rafie Muhammad...

6.9AI score0.00284EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/03/14 3:15 p.m.5 views

CVE-2022-0327

The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...

6.1CVSS6.4AI score0.00783EPSS
Exploits2References1
CVE
CVE
added 2022/03/14 2:41 p.m.76 views

CVE-2022-0327

CVE-2022-0327 concerns the WordPress plugin Master Addons for Elementor (before 1.8.5). The flaw arises because the plugin does not sanitize/escape the error_message parameter when returning it in the response to the jltma_restrict_content AJAX action, which is accessible to both unauthenticated ...

6.1CVSS6.1AI score0.00783EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/03/14 2:41 p.m.21 views

CVE-2022-0327 Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting

The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...

6.3AI score0.00783EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.3 views

WordPress plugin 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress Master Addons for Elementor plugin versions prior to 1.8.5 contain a cross-site scripting vulnerability that stems from the plugin's...

6.1CVSS4.8AI score0.00783EPSS
Exploits2References2
Rows per page
Query Builder