CVE-2024-9694

The CMSMasters Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.14.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-9694 CMSMasters Elementor Addon <= 1.14.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The CMSMasters Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.14.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-9694

CVE-2024-9694 : CMSMasters Elementor Addon for WordPress is affected by a Stored Cross-Site Scripting (XSS) vulnerability across all versions up to 1.14.7. The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in multiple widgets, enabling an authen...

WordPress plugin CMSMasters Elementor Addon 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress CMSMasters Elementor Addon plugin <= 1.14.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by István Márton in WordPress Plugin CMSMasters Elementor Addon versions = 1.14.7...