2 matches found
CVE-2024-2117
CVE-2024-2117 affects Elementor Website Builder – More than Just a Page Builder (WordPress) via the Path Widget. All versions up to 3.20.2 are vulnerable due to insufficient output escaping on user-supplied attributes, enabling stored XSS. Exploitation requires an authenticated attacker with cont...
WordPress Elementor Website Builder Plugin <= 3.20.2 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Website Builder Type Plugin Vulnerable versions = 3.20.2 Fixed in 3.20.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2117 Patch priority Low CVSS severity Low 6.4 Developer Elementor PSID 13b41799a0e4 Credits Webbernaut Require...