2 matches found
CVE-2024-1536
CVE-2024-1536 affects the Essential Addons for Elementor plugin for WordPress (up to version 5.9.9). The issue is Stored XSS via the plugin’s Event Calendar widget caused by insufficient input sanitization and output escaping on user-supplied attributes. Attackers with contributor+ privileges can...
WordPress Essential Addons for Elementor Plugin <= 5.9.9 is vulnerable to Cross Site Scripting (XSS)
Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.9 Fixed in 5.9.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1536 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID 0b8dd3bb82c9 Credits Webbernaut...