2 matches found
CVE-2024-1398
CVE-2024-1398 affects the Ultimate Bootstrap Elements for Elementor plugin for WordPress. The vulnerability is Stored Cross-Site Scripting via the heading_title_tag and heading_sub_title_tag parameters in all versions up to 1.3.6, caused by insufficient input sanitization and output escaping. The...
CVE-2024-1398 Ultimate Bootstrap Elements for Elementor <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘headingtitletag’ and ’headingsubtitletag’ parameters in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping. This makes it...