5 matches found
CVE-2024-4370
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget Image Box in all versions up to, and including, 1.1.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-4370
CVE-2024-4370 describes a stored XSS in WPZOOM Addons for Elementor (Templates, Widgets) for WordPress. Affected in all versions up to 1.1.36 due to insufficient input sanitization and output escaping on widget Image Box attributes. Exploitation requires authenticated access at contributor level ...
CVE-2024-4370 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget Image Box in all versions up to, and including, 1.1.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-4370 WPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box Widget
The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget Image Box in all versions up to, and including, 1.1.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress WPZOOM Addons for Elementor (Templates, Widgets) Plugin <= 1.1.36 is vulnerable to Cross Site Scripting (XSS)
Software WPZOOM Addons for Elementor Templates, Widgets Type Plugin Vulnerable versions = 1.1.36 Fixed in 1.1.37 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4370 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f02f01fac778...