Lucene search
K

4 matches found

Patchstack
Patchstack
added 2026/02/02 8:42 p.m.8 views

WordPress Element Pack Elementor Addons plugin <= 5.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Panel Slider Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Panel Slider Widget vulnerability discovered by RandomRoot in WordPress Plugin Element Pack Elementor Addons versions = 5.6.0...

6.4CVSS5.2AI score0.00323EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/04/18 4:32 a.m.80 views

CVE-2024-1429

The CVE-2024-1429 entry concerns Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) for WordPress. It describes a Stored Cross-Site Scripting flaw in the Panel Slider widget, exploitable via the tab_link attribute, across all versions up to and...

6.4CVSS6.1AI score0.00323EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.4 views

PT-2024-18039 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.6.0 Description: The issue is related to Stored Cross-Site Scripting via the tab link attribute of the Panel Slider widget due to insufficient input...

6.4CVSS5.9AI score0.00323EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2024/04/18 12:0 a.m.17 views

Element Pack Elementor Addons < 5.6.1 - Contributor+ Stored XSS via Panel Slider Widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the ‘tablink’ attribute of the Panel Slider widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary w...

6.4CVSS5.8AI score0.00323EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder