3 matches found
CVE-2024-1235 Elementor Addons by Livemesh <= 8.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributo...
CVE-2024-1235
The Elementor Addons by Livemesh WordPress plugin is affected by CVE-2024-1235, a Stored Cross‑Site Scripting (XSS) due to insufficient input sanitization/escaping in the custom class field. Affected versions are all up to 8.3.2; a fix was released in 8.3.3. Exploitation requires authenticated ac...
WordPress Livemesh Addons for Elementor Plugin <= 8.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Livemesh Addons for Elementor Type Plugin Vulnerable versions = 8.3.2 Fixed in 8.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1235 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ab5cdd31d383 Credits Webbernaut...