2 matches found
CVE-2024-5344 The Plus Addons for Elementor Page Builder <= 5.5.6 - Reflected Cross-Site Scripting via WP Login and Register Widget
The The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘forgoturl’ attribute within the plugin's WP Login & Register widget in all versions up to, and including, 5.5.6 due to insufficient input sanitization and output escaping...
WordPress The Plus Addons for Elementor Pro Plugin <= 5.5.6 is vulnerable to Cross Site Scripting (XSS)
Software The Plus Addons for Elementor Pro Type Plugin Vulnerable versions = 5.5.6 Fixed in 5.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5344 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01ee398507f7 Credits...