2 matches found
CVE-2024-2781
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the videohtmltag attribute in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-2781
The vulnerability CVE-2024-2781 affects Elementor Website Builder Pro for WordPress. It is a Stored XSS in the video_html_tag attribute, present in all versions up to and including 3.20.1, caused by insufficient input sanitization and output escaping. The impact, as stated, is that authenticated ...