5 matches found
CVE-2024-34548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8...
CVE-2024-34548
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8...
CVE-2024-34548
CVE-2024-34548 is a Stored XSS in Themesgrove WidgetKit (WidgetKit for Elementor). Affected: WidgetKit versions up to 2.4.8. Root cause: improper neutralization of input during web page generation. Impact: stored cross-site scripting vesting on pages using the widget. Remediation: patch/upgrade t...
CVE-2024-34548 WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8...
WordPress WidgetKit Plugin <= 2.4.8 is vulnerable to Cross Site Scripting (XSS)
Software WidgetKit Type Plugin Vulnerable versions = 2.4.8 Fixed in 2.5.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34548 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d04ccca624d0 Credits Ray Wilson Required privilege Contributor...