2 matches found
WordPress Happy Addons for Elementor Plugin <= 3.10.1 is vulnerable to Cross Site Scripting (XSS)
Software Happy Addons for Elementor Type Plugin Vulnerable versions = 3.10.1 Fixed in 3.10.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0438 Patch priority Low CVSS severity Low 6.5 Developer Leevio PSID ef76a43ace22 Credits wesley wcraft Requir...
CVE-2024-0438
The CVE-2024-0438 flaw affects the WordPress plugin Happy Addons for Elementor up to version 3.10.1, where the wrapper-link parameter in Age Gate allows Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. The vulnerability can be triggered by authenticated user...