EUVD-2024-43302

Malicious code in bioql PyPI...

CVE-2024-49233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through = 1.1.6...

CVE-2024-12328

The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...

CVE-2024-12328 MAS Elementor <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG

The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...

CVE-2024-12328

CVE-2024-12328 affects MAS Elementor for WordPress. The flaw is Stored XSS via SVG uploads in all versions up to 1.1.7, exploitable by authenticated attackers with Author+ privileges to inject scripts that run when a user views the SVG. Connected sources indicate Patch Status: Patched; ongoing gu...

CVE-2024-12328 MAS Elementor <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG

The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...

WordPress plugin MAS Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-49233

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through 1.1.6...

CVE-2024-49233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through = 1.1.6...

CVE-2024-49233

CVE-2024-49233 — MAS Elementor DOM-based XSS Description: An XSS vulnerability arises from improper input neutralization during web page generation in the WordPress plugin Mas Addons for Elementor (Mas Elementor). Affected versions are MAS Elementor up to 1.1.6. Root cause: DOM‑based XSS due to u...

CVE-2024-49233 WordPress MAS Elementor plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through = 1.1.6...

WordPress plugin MAS Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress MAS Elementor Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS)

Software MAS Elementor Type Plugin Vulnerable versions = 1.1.6 Fixed in 1.1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49233 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 382acdfc426d Credits Khalid Yusuf Required privilege...