4 matches found
CVE-2024-1055
PowerPack Addons for Elementor (PowerPack Lite for Elementor) is affected by a stored cross-site scripting (XSS) vulnerability in versions up to and including 2.7.14. The issue stems from insufficient input sanitization and output escaping on user-supplied URL values, allowing authenticated attac...
CVE-2024-1055 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting
The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's buttons in all versions up to, and including, 2.7.14 due to insufficient input sanitization and output escaping on user supplied URL values...
CVE-2024-1055 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting
The PowerPack Addons for Elementor Free Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's buttons in all versions up to, and including, 2.7.14 due to insufficient input sanitization and output escaping on user supplied URL values...
WordPress PowerPack Addons for Elementor Plugin <= 2.7.14 is vulnerable to Cross Site Scripting (XSS)
Software PowerPack Addons for Elementor Type Plugin Vulnerable versions = 2.7.14 Fixed in 2.7.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1055 Patch priority Low CVSS severity Low 6.5 Developer IdeaBox Creations PSID 07e0415bb2da Credits...