Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:31 a.m.15 views

CVE-2022-4953

The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs...

6.1CVSS6.6AI score0.02027EPSS
Exploits5References1
0day.today
0day.today
added 2023/09/11 12:0 a.m.378 views

Wordpress Elementor 3.5.5 Plugin - Iframe Injection Vulnerability

Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlled URLs from being...

6.1CVSS6.3AI score0.02027EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/09/08 12:0 a.m.420 views

WordPress Elementor Iframe Injection

Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Date: 28.08.2023 Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlle...

6.1CVSS7.1AI score0.02027EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/09/08 12:0 a.m.483 views

Wordpress Plugin Elementor 3.5.5 - Iframe Injection

Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Date: 28.08.2023 Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlle...

6.1CVSS6.5AI score0.02027EPSS
Exploits5
NVD
NVD
added 2023/08/14 8:15 p.m.22 views

CVE-2022-4953

The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs...

6.1CVSS6.2AI score0.02027EPSS
Exploits5References2
Cvelist
Cvelist
added 2023/08/14 7:10 p.m.28 views

CVE-2022-4953 Elementor < 3.5.5 - Iframe Injection

The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs...

6.3AI score0.02027EPSS
Exploits5References2
CVE
CVE
added 2023/08/14 7:10 p.m.196 views

CVE-2022-4953

The CVE describes a vulnerability in the Elementor Website Builder WordPress plugin, affecting versions prior to 3.5.5, where user-controlled URLs loaded into the DOM are not properly filtered, enabling injection of rogue iframes to malicious URLs. Affected product: WordPress Elementor Website Bu...

6.1CVSS6.1AI score0.02027EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder