3 matches found
CVE-2024-2252
The Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.1.5 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-2252
CVE-2024-2252 refers to a stored XSS in the Droit Elementor Addons plugin for WordPress (versions up to 3.1.5). The vulnerability stems from insufficient input sanitization and output escaping on user-supplied attributes (e.g., URL) in the plugin’s widgets. Exploitation requires authentication at...
WordPress Droit Elementor Addons Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Droit Elementor Addons Type Plugin Vulnerable versions = 3.1.5 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2252 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bcd3705192b1 Credits Francesco Carlucci...