3 matches found
CVE-2024-4087
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Back to Top widget in all versions up to, and including, 1.3.975 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
CVE-2024-4087 Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting via Back to Top Widget
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Back to Top widget in all versions up to, and including, 1.3.975 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...
CVE-2024-4087
CVE-2024-4087 affects the WordPress plugin Royal Elementor Addons and Templates. It enables authenticated users with contributor access and above to trigger a Stored XSS via the Back to Top widget in versions up to and including 1.3.975. Impact is that injected scripts could execute on pages acce...