2 matches found
CVE-2024-8546 ElementsKit Elementor addons <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Widget
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Elements kit Elementor addons Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Elements kit Elementor addons Type Plugin Vulnerable versions = 3.2.7 Fixed in 3.2.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8546 Patch priority Low CVSS severity Low 6.5 Developer Wpmet PSID 43112ffb0d64 Credits zer0gh0st Required...