Lucene search
K

3 matches found

NVD
NVD
added 2024/11/05 12:15 p.m.16 views

CVE-2024-9657

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output...

6.5CVSS0.00336EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/11/05 11:32 a.m.20 views

CVE-2024-9657 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output...

6.5CVSS5.9AI score0.00336EPSS
Exploits0References7
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.18 views

WordPress Element Pack Elementor Addons Plugin <= 5.10.2 is vulnerable to Cross Site Scripting (XSS)

Software Element Pack Elementor Addons Type Plugin Vulnerable versions = 5.10.2 Fixed in 5.10.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9657 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fe1ff0e5049a Credits Webberna...

6.5CVSS5.8AI score0.00336EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder