2 matches found
CVE-2024-7092 Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via no_more_items_text Parameter
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nomoreitemstext’ parameter in all versions up to, and including, 5.9.27 due to insufficient input sanitization and output...
CVE-2024-7092
CVE-2024-7092 corresponds to a Stored Cross-Site Scripting vulnerability in the WordPress plugin Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders. The root cause is insufficient input sanitization and output escaping in the no_more_items_text ...