3 matches found
CVE-2024-1419
The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ attribute of the Header Meta Content widget in all versions up to, and including, 5.4.0 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-1419
The Plus Addons for Elementor Page Builder for WordPress contains a Stored Cross-Site Scripting (XSS) vulnerability in the Header Meta Content widget via the _id attribute, affecting all versions up to and including 5.4.0. Exploitation requires authenticated access at contributor level or higher,...
WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 5.4.0 is vulnerable to Cross Site Scripting (XSS)
Software The Plus Addons for Elementor Page Builder Lite Type Plugin Vulnerable versions = 5.4.0 Fixed in 5.4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1419 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID...