Lucene search
K

4 matches found

NVD
NVD
added 2024/05/14 11:15 p.m.23 views

CVE-2024-4666

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.9AI score0.0041EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/05/14 10:31 p.m.11 views

CVE-2024-4666 Borderless - Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.8AI score0.0041EPSS
Exploits0References8
CVE
CVE
added 2024/05/14 10:31 p.m.31 views

CVE-2024-4666

CVE-2024-4666 applies to Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg (WordPress). It is a stored XSS vulnerability in multiple widgets across all versions up to 1.5.3, caused by insufficient input sanitization and inadequate output escaping on user-supplied att...

6.4CVSS5.7AI score0.0041EPSS
Exploits0References8Affected Software1
Patchstack
Patchstack
added 2024/05/14 12:0 a.m.16 views

WordPress Borderless Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Borderless Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4666 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d9fe795f805d Credits stealthcopter Required...

6.4CVSS5.8AI score0.0041EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder