WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.112 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'email' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'email' vulnerability discovered by shaman0x01 - Shaman Red Team in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.112...

WordPress Unlimited Elements For Elementor plugin <= 1.5.112 - Authenticated (Contributor+) Time-Based SQL Injection vulnerability

Authenticated Contributor+ Time-Based SQL Injection vulnerability discovered by shaman0x01 in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.112...

CVE-2024-6170

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘email’ parameter in all versions up to, and including, 1.5.112 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress Plugin Unlimited Elements For Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.112 is vulnerable to Cross Site Scripting (XSS)

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.112 Fixed in 1.5.113 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6169 Patch priority Low CVSS severity Low 6.5 Developer Unlimited...

PT-2024-37429 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: The Unlimited Elements For Elementor plugin versions up to, and including, 1.5.112 Description: The issue is related to Stored Cross-Site Scripting via the username parameter due to insufficient input sanitization and output escaping. This...