Lucene search
K

4 matches found

Circl
Circl
added 2024/03/13 5:37 p.m.11 views

CVE-2024-1996

creationtimestamp| type| source ---|---|--- 2024-03-13 17:37:14+00:00| seen| https://t.me/ctinow/206945...

6.4CVSS7.2AI score0.00399EPSS
Exploits0References1
NVD
NVD
added 2024/03/13 4:15 p.m.25 views

CVE-2024-1996

The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's IHover widget link in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.7AI score0.00399EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 3:32 p.m.73 views

CVE-2024-1996

Premium Addons Pro for Elementor (WordPress) is affected by CVE-2024-1996: a stored XSS in the IHover widget link present in versions ≤ 2.9.12 due to insufficient input sanitization and output escaping on user-supplied attributes. This enables authenticated attackers with contributor-level+ permi...

6.4CVSS6AI score0.00399EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/03/13 3:32 p.m.43 views

CVE-2024-1996 Premium Addons for Elementor PRO <= 2.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget link

The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's IHover widget link in all versions up to, and including, 2.9.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.8AI score0.00399EPSS
Exploits0References2
Rows per page
Query Builder