5 matches found
CVE-2023-6525
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
WordPress Elements kit Elementor addons Plugin <= 3.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6525 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 35435cff32ec Credits Ulyses Saicha Requir...
CVE-2023-6525 ElementsKit Elementor addons <= 3.0.3 - Authenticated(Editor+) Stored Cross-Site Scripting
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
CVE-2023-6525
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the progress bar element attributes in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
CVE-2023-6525
CVE-2023-6525 affects ElementsKit Elementor addons for WordPress. Vulnerability: Stored XSS in the progress bar element attributes due to insufficient input sanitization and output escaping. Affected versions: all up to and including 3.0.3. Impact: authenticated attackers with editor-level access...