3 matches found
CVE-2021-24259
The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24259 Elementor Addon Elements < 1.11.2 - Contributor+ Stored XSS
The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24259
CVE-2021-24259 affects the WordPress plugin Elementor Addon Elements, prior to version 1.11.2. Several widgets allow stored XSS by low-privilege users (e.g., contributors) via crafted input in widget fields (notably Flip Box, Price Table, Timeline), due to insufficient input sanitization. Impact ...