35 matches found
WordPress plugin UltraAddons Elementor Lite 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
CVE-2024-10696 UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.8 - Insecure Direct Object Reference to Sensitive Information Exposure via UA_Template Shortcode
The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.8 via the showtemplate due to missing validatio...
WordPress UltraAddons Elementor Lite Plugin <= 1.1.8 is vulnerable to Sensitive Data Exposure
Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10696 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5f4604fffe9a Credits Francesco Carluc...
CVE-2024-49277
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Stored XSS.This issue affects UltraAddons Elementor Lite: from n/a through = 2.0.2...
CVE-2024-49277
CVE-2024-49277 denotes a Stored XSS in UltraAddons Elementor Lite (WordPress)
WordPress plugin UltraAddons Elementor Lite 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-33416 · Ultraaddons · Ultraaddons Elementor Lite
Name of the Vulnerable Software and Affected Versions: UltraAddons Elementor Lite versions 1.1.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...
WordPress UltraAddons Elementor Lite Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)
Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3bd9de105fd9 Credits Michael Required privilege...
WordPress UltraAddons Elementor Lite plugin <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by stealthcopter in WordPress Plugin UltraAddons Elementor Lite versions = 1.1.6...
WordPress UltraAddons Elementor Lite Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)
Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.6 Fixed in 1.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4866 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6acf063eea46 Credits stealthcopter...
CVE-2024-37554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows DOM-Based XSS.This issue affects UltraAddons Elementor Lite: from n/a through = 2.0.2...
CVE-2024-37554
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CodeAstrology Team UltraAddons Elementor Lite Header & Footer Builder, Menu Builder, Cart Icon, Shortcode.This issue affects UltraAddons Elementor Lite Header & Footer Builder, Menu Builder,...
WordPress UltraAddons Elementor Lite Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)
Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37554 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 027a0305e057 Credits Khalid Yusuf Required privile...
WordPress plugin UltraAddons Elementor Lite Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress UltraAddons Elementor Lite Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d3b08d811ef1 Credits Rafie Muhammad Patchstack...