Lucene search
+L

5 matches found

nvd
nvd
added 2024/05/14 3:39 p.m.26 views

CVE-2024-3055

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

8.8CVSS8.8AI score0.00821EPSS
Exploits0References3
cve
cve
added 2024/05/10 9:32 p.m.52 views

CVE-2024-3055

CVE-2024-3055 affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates) for WordPress. Time-based SQL Injection in the id parameter exists in all versions up to 1.5.102 due to insufficient escaping and lack of prepared SQL in the query. Authenticated attackers with contributor ac...

8.8CVSS9AI score0.00821EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2024/05/10 9:32 p.m.28 views

CVE-2024-3055 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL Injection

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

8.8CVSS8.9AI score0.00821EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/05/10 9:32 p.m.16 views

CVE-2024-3055 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Contributor+) SQL Injection

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation o...

8.8CVSS7.6AI score0.00821EPSS
Exploits0References3
patchstack
patchstack
added 2024/05/10 12:0 a.m.22 views

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.102 is vulnerable to SQL Injection

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.102 Fixed in 1.5.105 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3055 Patch priority Low CVSS severity Low 8.5 Developer Unlimited Elements PSID 6f752cde8e3d...

8.8CVSS6.8AI score0.00821EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder