2 matches found
CVE-2024-0506
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $instancealt parameter in the getimagealt function in all versions up to, and including, 3.18.3 due to insufficient input sanitization and output escaping. Th...
CVE-2024-0506
Elementor Website Builder for WordPress (WordPress plugin) is vulnerable to Cross‑Site Scripting via the get_image_alt path in versions