2 matches found
CVE-2024-1500
CVE-2024-1500 concerns the Royal Elementor Addons and Templates plugin for WordPress. It describes Stored Cross-Site Scripting via the Logo Widget in all versions up to 1.3.91, caused by insufficient input sanitization and output escaping on user-supplied URLs. The vulnerability allows authentica...
WordPress Royal Elementor Addons Plugin <= 1.3.91 is vulnerable to Cross Site Scripting (XSS)
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.91 Fixed in 1.3.92 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1500 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 7065dbda135b Credits Webbernaut Required...