3 matches found
CVE-2024-5088
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-5088 Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-5088
CVE-2024-5088 affects Happy Addons for Elementor (WordPress) and is a Stored XSS via the _id parameter in all versions up to 3.10.8. Exploitation requires authentication at Contributor level or higher, enabling an attacker to inject scripts that execute on pages accessed by other users. Patch/mit...