2 matches found
CVE-2024-4156
CVE-2024-4156 affects the Essential Addons for Elementor plugin for WordPress (lite) and enables Stored XSS via the eael_event_text_color parameter due to insufficient input sanitization/output escaping. Affected versions are up to 5.9.17; exploitation requires contributor-level permissions and a...
WordPress Essential Addons for Elementor Plugin <= 5.9.17 is vulnerable to Cross Site Scripting (XSS)
Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.17 Fixed in 5.9.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4156 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID cdf8bfb02af3 Credits wesley wcra...