2 matches found
CVE-2024-9888
The CVE-2024-9888 entry concerns the WordPress plugin ElementInvader Addons for Elementor. A Stored Cross-Site Scripting (XSS) vulnerability exists in the plugin’s contact form widget redirect URL due to insufficient input sanitization and output escaping on user-supplied attributes. Affected ver...
WordPress ElementInvader Addons for Elementor Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Software ElementInvader Addons for Elementor Type Plugin Vulnerable versions = 1.2.8 Fixed in 1.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9888 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2293b37c11ea Credits Coli...