4 matches found
CVE-2024-10867
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2024-10867
creationtimestamp| type| source ---|---|--- 2025-01-31 04:31:32+00:00| seen| https://infosec.exchange/users/cve/statuses/113921090640208235 2025-01-31 05:15:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzakxckkr2p 2025-01-31 07:00:13+00:00| seen|...
CVE-2024-10867
CVE-2024-10867 refers to the Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) via SVG file uploads in all versions up to and including 1.5.9, caused by insufficient input sanitization and out...
CVE-2024-10867 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible...