7 matches found
CVE-2024-13548
The Power Ups for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'magic-button' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13548 Power Ups for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Power Ups for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'magic-button' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13548
CVE-2024-13548 concerns the WordPress plugin Power Ups for Elementor. The vulnerability is a Stored Cross-Site Scripting flaw in the plugin’s shortcodes (notably the 'magic-button') present in all versions up to 1.2.2, caused by insufficient input sanitization and output escaping on user-supplied...
WordPress plugin Power Ups for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
WordPress Power Ups for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software Power Ups for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5f90ede97ce0 Credits Rafie Muhammad Patchstack...
WordPress Power Ups for Elementor plugin <= 1.2.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Power Ups for Elementor plugin versions = 1.2.1. Solution Update the WordPress Power Ups for Elementor plugin to the latest available version at least 1.2.2...
WordPress Power Ups for Elementor plugin <= 1.2.1 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Power Ups for Elementor plugin versions = 1.2.1. Solution Update the WordPress Power Ups for Elementor plugin to the latest available version at least 1.2.2...