CVE-2024-5259

The MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hoveranimation’ parameter in all versions up to, and including, 4.1.11 due to insufficient input sanitization and output escaping. This makes it...

WordPress MultiVendorX Marketplace plugin <= 4.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via hover_animation Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via hoveranimation Parameter vulnerability discovered by stealthcopter in WordPress Plugin MultiVendorX versions = 4.1.11...

CVE-2024-4619

The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘hoveranimation’ parameter in versions up to, and including, 3.21.4 due to insufficient input sanitization and output escaping. This makes it possible...

PT-2024-31919 · WordPress · Elementor Website Builder

Name of the Vulnerable Software and Affected Versions: Elementor Website Builder plugin for WordPress versions up to, and including, 3.21.4 Description: The Elementor Website Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the hover animation parameter due ...

PT-2024-32315 · WordPress · Testimonial Carousel For Elementor

Name of the Vulnerable Software and Affected Versions: Testimonial Carousel For Elementor plugin for WordPress versions up to, and including, 10.1.1 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticat...