CVE-2024-3190

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's text field widget in all versions up to, and including, 1.5.107 due to insufficient input sanitization and output escaping on user supplied...

WordPress plugin Unlimited Elements For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Unlimited Elements for Elementor plugin <= 1.5.107 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by M.Awad in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.107...

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.107 is vulnerable to SQL Injection

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.107 Fixed in 1.5.108 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4779 Patch priority Low CVSS severity Low 8.5 Developer Unlimited Elements PSID 2c76236c1b5c...

PT-2024-32815 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.107 Description: The issue allows authenticated attackers with contributor-level access and above to perform SQL Injection via the datapost ids0...