Lucene search
K

295 matches found

CNNVD
CNNVD
added 2024/06/21 12:0 a.m.6 views

WordPress plugin The Plus Addons for Elementor security vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...

8.8CVSS7AI score0.00619EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/21 12:0 a.m.3 views

WordPress plugin The Plus Addons for Elementor Page Builder security vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.1CVSS5.8AI score0.0031EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/06/20 5:29 p.m.6 views

WordPress The Plus Addons for Elementor plugin <= 5.5.6 - Authenticated Local File Inclusion vulnerability

Authenticated Local File Inclusion vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...

8.8CVSS7AI score0.00619EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/20 5:28 p.m.6 views

WordPress The Plus Addons for Elementor Page Builder plugin <= 5.5.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin The Plus Addons for Elementor Pro versions = 5.5.6...

6.1CVSS6.3AI score0.0031EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.14 views

WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Cross Site Scripting (XSS)

Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5344 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01ee398507f7 Credits...

6.1CVSS5.7AI score0.0031EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/20 12:0 a.m.6 views

PT-2024-36387 · WordPress · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: Plus Addons for Elementor Page Builder plugin for WordPress versions up to, and including, 5.5.4 Description: The issue allows authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the...

8.8CVSS8.1AI score0.00619EPSS
Exploits0References8
OSV
OSV
added 2024/06/08 2:15 p.m.2 views

CVE-2024-35709

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.5.4...

5.4CVSS5.8AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/08 12:0 a.m.3 views

WordPress plugin The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin The Plus...

6.5CVSS5.9AI score0.00262EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.5 views

PT-2024-26658 · Unknown · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder Lite versions through 5.5.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

6.5CVSS6.6AI score0.00262EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/06/06 11:14 a.m.5 views

WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.5.4...

6.5CVSS5.8AI score0.00262EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/05/30 6:15 a.m.2 views

CVE-2024-5341

The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' attribute of the Heading Title widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS6.1AI score0.00273EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/30 5:33 a.m.31 views

CVE-2024-5341 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Title Widget

The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' attribute of the Heading Title widget in all versions up to, and including, 5.5.4 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.9AI score0.00273EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/30 12:0 a.m.3 views

WordPress plugin The Plus Addons for Elementor Page Builder 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.5AI score0.00273EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.4 views

PT-2024-35733 · WordPress · The Plus Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: The Plus Addons for Elementor Page Builder plugin for WordPress versions up to, and including, 5.5.4 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, specifically the size...

6.4CVSS6.8AI score0.00273EPSS
Exploits0References5
OSV
OSV
added 2024/05/24 7:15 a.m.3 views

CVE-2024-4484

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘xaiusername’ parameter in versions up to, and including, 5.5.2 due to insufficient input sanitization and output escapin...

5.4CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2024/05/24 7:15 a.m.1 views

CVE-2024-4485

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘buttoncustomattributes’ parameter in versions up to, and including, 5.5.2 due to insufficient input sanitization and...

5.4CVSS5.9AI score
Exploits0References3
NVD
NVD
added 2024/05/24 7:15 a.m.12 views

CVE-2024-4485

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘buttoncustomattributes’ parameter in versions up to, and including, 5.5.2 due to insufficient input sanitization and...

6.4CVSS5.9AI score0.00322EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/24 6:58 a.m.3 views

WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.5.4...

6.4CVSS5.5AI score0.004EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/24 6:42 a.m.19 views

CVE-2024-4484 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘xaiusername’ parameter in versions up to, and including, 5.5.2 due to insufficient input sanitization and output escapin...

6.4CVSS5.8AI score0.00707EPSS
Exploits0References3
CVE
CVE
added 2024/05/24 6:42 a.m.57 views

CVE-2024-4485

The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin exposes a stored cross-site scripting (XSS) flaw via the button_custom_attributes parameter in versions up to 5.5.2 due to insufficient input sanitization and output escaping. Exploitation req...

6.4CVSS5.9AI score0.00322EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder