Lucene search
K

5 matches found

Circl
Circl
added 2025/02/20 10:36 a.m.9 views

CVE-2024-13155

creationtimestamp| type| source ---|---|--- 2025-02-20 10:36:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lim3tnehwk2u 2025-02-20 10:38:19+00:00| seen| https://t.me/cvedetector/18519 2025-02-20 23:26:54+00:00| seen| Telegram/HsoU9F2ilqhIzwE4z7rDrGwjoK5XfqSjE0Wvp9333NDsh3eG...

6.4CVSS8.7AI score0.00325EPSS
Exploits0References2
NVD
NVD
added 2025/02/20 8:15 a.m.14 views

CVE-2024-13155

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00325EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/20 7:33 a.m.11 views

CVE-2024-13155 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.140 - Authenticated (Contributor+) Stored Cross-Site Scripting via Transparent Split Hero Widget

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References3
CVE
CVE
added 2025/02/20 7:33 a.m.63 views

CVE-2024-13155

CVE-2024-13155 affects Unlimited Elements For Elementor (WordPress) up to version 1.5.140, with a Stored XSS via the Transparent Split Hero widget. Exploitation requires authenticated access (contributor+); an attacker can inject scripts that run when users load injected pages. Patch guidance fro...

6.4CVSS6AI score0.00325EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/02/20 7:33 a.m.18 views

CVE-2024-13155 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.140 - Authenticated (Contributor+) Stored Cross-Site Scripting via Transparent Split Hero Widget

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to, and including, 1.5.140 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00325EPSS
Exploits0References3
Rows per page
Query Builder