92 matches found
CVE-2024-2492
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all versions up to, and including, 2.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-2492 PowerPack Addons for Elementor <= 2.7.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet Widget
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all versions up to, and including, 2.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-2492 PowerPack Addons for Elementor <= 2.7.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet Widget
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter Tweet widget in all versions up to, and including, 2.7.18 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-2492
CVE-2024-2492 affects PowerPack Addons for Elementor (WordPress). The issue is a stored cross-site scripting (XSS) flaw in the Twitter Tweet widget present in all versions up to 2.7.18, caused by insufficient input sanitization and output escaping. With contributor-level (or higher) access, an au...
PT-2024-20663 · WordPress · Powerpack Addons For Elementor
Name of the Vulnerable Software and Affected Versions: PowerPack Addons for Elementor plugin for WordPress versions up to and including 2.7.18 Description: The issue is related to Stored Cross-Site Scripting via the Twitter Tweet widget due to insufficient input sanitization and output escaping...
WordPress Plugin PowerPack Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress PowerPack Addons for Elementor plugin <= 2.7.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via *_html_tag* vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via htmltag vulnerability discovered by wesley wcraft in WordPress Plugin PowerPack Addons for Elementor versions = 2.7.17...
WordPress PowerPack Addons for Elementor plugin <= 2.7.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Twitter Tweet Widget vulnerability discovered by wesley wcraft in WordPress Plugin PowerPack Addons for Elementor versions = 2.7.18...
WordPress PowerPack Addons for Elementor Plugin <= 2.7.17 is vulnerable to Cross Site Scripting (XSS)
Software PowerPack Addons for Elementor Type Plugin Vulnerable versions = 2.7.17 Fixed in 2.7.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2491 Patch priority Low CVSS severity Low 6.5 Developer IdeaBox Creations PSID e7ac7cb26530 Credits wesle...
CVE-2024-2491
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmltag attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2024-2491
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmltag attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Plugin PowerPack Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
PT-2024-20660 · WordPress · Powerpack Addons For Elementor
Name of the Vulnerable Software and Affected Versions: PowerPack Addons for Elementor plugin for WordPress versions up to, and including, 2.7.17 Description: The issue is related to Stored Cross-Site Scripting via the html tag attribute of multiple widgets due to insufficient input sanitization a...
CVE-2024-1411
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter Buttons Widget in all versions up to, and including, 2.7.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
Cross site scripting
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter Buttons Widget in all versions up to, and including, 2.7.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Plugin PowerPack Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
CVE-2024-24843
Cross-Site Request Forgery CSRF vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8...
CVE-2024-24843
CVE-2024-24843 is a CSRF vulnerability in PowerPack Pro for Elementor (PowerPack Addons for Elementor) affecting versions before 2.10.8. Exploitation could allow unauthorized changes to plugin settings (and associated XSS impact per patched disclosure). The fix is to upgrade to PowerPack Pro for ...
WordPress Plugin PowerPack Addons for Elementor Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2024-1411 PowerPack Addons for Elementor <= 2.7.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Buttons Widget
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the settings of the Twitter Buttons Widget in all versions up to, and including, 2.7.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...