2 matches found
CVE-2020-13865
The CVE-2020-13865 entry concerns the Elementor Page Builder WordPress plugin, affected in versions prior to 2.9.9. The root cause is multiple stored XSS vulnerabilities stemming from inadequate validation of user-controlled data, enabling an author to craft posts or attributes that trigger store...
CVE-2020-13865
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes...