3 matches found
WordPress PowerPack Addons for Elementor Plugin <= 2.7.17 is vulnerable to Cross Site Scripting (XSS)
Software PowerPack Addons for Elementor Type Plugin Vulnerable versions = 2.7.17 Fixed in 2.7.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2491 Patch priority Low CVSS severity Low 6.5 Developer IdeaBox Creations PSID e7ac7cb26530 Credits wesle...
CVE-2024-2491 PowerPack Addons for Elementor <= 2.7.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via *_html_tag*
The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmltag attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2024-2491
Technical details about CVE-2024-2491 are not provided in the supplied documents. Please monitor for official advisories for affected versions, impact, and fixes.