3 matches found
CVE-2021-24265
The “Rife Elementor Extensions & Templates” WordPress Plugin before 1.1.6 has a widget that is vulnerable to stored Cross-Site ScriptingXSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24265 Rife Elementor Extensions & Templates < 1.1.6 - Contributor+ Stored XSS
The “Rife Elementor Extensions & Templates” WordPress Plugin before 1.1.6 has a widget that is vulnerable to stored Cross-Site ScriptingXSS by lower-privileged users such as contributors, all via a similar method...
CVE-2021-24265
The CVE affects the WordPress plugin Rife Elementor Extensions & Templates (versions before 1.1.6). A widget—specifically the Writing Effect Headline widget—is vulnerable to stored XSS via the tag parameter, exploitable by lower-privileged users (e.g., contributors). The vulnerability is triggere...