WordPress The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin <= 6.4.11 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by daroo in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 6.4.11...

EUVD-2021-11169

Malware in sbrugna...

Essential Addons for Elementor Lite < 5.0.9 - Reflected Cross-Site Scripting

The plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted li...

WordPress Essential Addons for Elementor Lite Plugin Cross-Site Scripting Vulnerability

WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress Essential Addons for Elementor Lite Plugin versions prior to 4.5.4. An attacker can exploit this vulnerability to launch a cross-site scripting attack...

CVE-2021-24255 Essential Addons for Elementor < 4.5.4 - Contributor+ Stored Cross-Site Scripting (XSS)

The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting XSS by lower-privileged users such as contributors, both via a similar method...