CVE-2024-4695 Move Addons for Elementor <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-4695 Move Addons for Elementor <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress Move Addons for Elementor plugin <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by stealthcopter in WordPress Plugin Move Addons for Elementor versions = 1.3.1...

WordPress Plugin Move Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2024-32296 · WordPress · Move Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Move Addons for Elementor plugin for WordPress version 1.3.1 and earlier Description: The issue is related to Stored Cross-Site Scripting via multiple widgets due to insufficient input sanitization and output escaping on user-supplied...

Move Addons for Elementor < 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

Description The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-34562

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.0...

CVE-2024-34562

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.0...

CVE-2024-34562

CVE-2024-34562 is a stored XSS in Move Addons for Elementor caused by improper input neutralization during web page generation, affecting Move Addons for Elementor up to version 1.3.0. Connected sources indicate the issue has been patched in later updates; no exploitation details are provided in ...

CVE-2024-34562 WordPress Move Addons for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.0...

WordPress plugin Move Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-25977 · Elementor · Move Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Move Addons for Elementor versions 1.3.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...

WordPress Move Addons for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Move Addons for Elementor versions = 1.3.0...

CVE-2024-29920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.2.9...

CVE-2024-29920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.2.9...

CVE-2024-29920

CVE-2024-29920 corresponds to a Stored XSS in Move Addons for Elementor plugin for WordPress, caused by improper neutralization of input during web page generation. The affected component is Move Addons for Elementor versions 1.2.9 and earlier; exploit path is via a cross-site scripting payload s...

CVE-2024-29920 WordPress Move Addons for Elementor plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.2.9...

WordPress Plugin Move Addons for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-23143 · Elementor · Move Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Move Addons for Elementor versions 1.2.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...

CVE-2024-2131

The CVE-2024-2131 entry pertains to Move Addons for Elementor (WordPress). It affects all versions up to 1.2.9 and describes a Stored Cross-Site Scripting (XSS) via the plugin’s infobox and button widget due to insufficient input sanitization and output escaping on user-supplied attributes. Authe...