2 matches found
WordPress Elements kit Elementor addons Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.0.4 Fixed in 3.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1239 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID def03a5e89bb Credits RandomRoot Required...
CVE-2024-1239
CVE-2024-1239 affects ElementsKit Elementor addons for WordPress and is a Stored XSS vulnerability present in all versions up to 3.0.4 due to insufficient input sanitization and output escaping. Authenticated attackers with contributor access or higher can inject arbitrary script that executes in...