3 matches found
CVE-2024-5818 Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored DOM-based Cross-Site Scripting via the plugin's Magazine Grid/Slider widget in all versions up to, and including, 1.3.980 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-5818
CVE-2024-5818 affects the Royal Elementor Addons and Templates WordPress plugin. It exposes a Stored DOM-based XSS via the Magazine Grid/Slider widget in all versions ≤ 1.3.980 due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires at least C...
WordPress Royal Elementor Addons Plugin <= 1.3.980 is vulnerable to Cross Site Scripting (XSS)
Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.980 Fixed in 1.3.981 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5818 Patch priority Low CVSS severity Low 6.5 Developer WProyal PSID 21750c8b6654 Credits Webbernaut Required...