2 matches found
CVE-2024-4107 Elementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
The Elementor Website Builder – More than Just a Page Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in versions up to, and including, 3.21.0 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Elementor Pro Plugin <= 3.21.0 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Pro Type Plugin Vulnerable versions = 3.21.0 Fixed in 3.21.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4107 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5e068ca3d9a8 Credits wesley wcraft Required...