4 matches found
CVE-2024-4668 Gum Elementor Addon <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets
The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Price Table and Post Slider widgets in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-4668 Gum Elementor Addon <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets
The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Price Table and Post Slider widgets in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-4668
CVE-2024-4668 (Gum Elementor Addon, WordPress) : The WordPress Gum Elementor Addon is affected by a stored cross-site scripting (XSS) flaw in the Price Table and Post Slider widgets for all versions up to and including 1.3.4, caused by insufficient input sanitization and output escaping of user-s...
WordPress Gum Elementor Addon Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)
Software Gum Elementor Addon Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4668 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5ff0c810f441 Credits stealthcopter Requir...