Lucene search
K

5 matches found

redhatcve
redhatcve
added 2025/05/23 7:36 a.m.16 views

CVE-2024-4866

The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.1.6 due to insufficient input...

6.4CVSS6.1AI score0.00366EPSS
Exploits0References1
nvd
nvd
added 2024/07/10 2:15 a.m.33 views

CVE-2024-4866

The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.1.6 due to insufficient input...

6.4CVSS0.00366EPSS
Exploits0References7
cvelist
cvelist
added 2024/07/10 2:2 a.m.39 views

CVE-2024-4866 UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.1.6 due to insufficient input...

6.4CVSS0.00366EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2024/07/10 2:2 a.m.15 views

CVE-2024-4866 UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.1.6 due to insufficient input...

6.4CVSS6.1AI score0.00366EPSS
Exploits0References7
patchstack
patchstack
added 2024/07/10 12:0 a.m.18 views

WordPress UltraAddons Elementor Lite Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.1.6 Fixed in 1.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4866 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6acf063eea46 Credits stealthcopter...

6.4CVSS5.8AI score0.00366EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder