WordPress WPBakery Visual Composer plugin <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title tag attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Title tag attribute vulnerability discovered by Nikolas - mdr in WordPress Plugin WPBakery Page Builder versions = 7.5...

WordPress Happy Addons for Elementor plugin <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Title HTML Tag vulnerability discovered by João Pedro Soares de Alcântara - Kinorth in WordPress Plugin Happy Addons for Elementor versions = 3.10.4...

CVE-2024-1841

The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Title tag attribute in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or...

PT-2024-22104 · WordPress · Happy Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Happy Addons for Elementor plugin for WordPress versions up to, and including, 3.10.4 Description: The issue is related to Stored Cross-Site Scripting via the Post Title HTML Tag due to insufficient input sanitization and output escaping ...