2 matches found
Cross site scripting
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table Elementor Widget in all versions up to, and including, 2.10.27 due to insufficient input sanitization and output escaping on the user supplied link URL. This makes it possib...
CVE-2024-0508
The CVE-2024-0508 entry concerns Orbit Fox by ThemeIsle for WordPress, with a Stored Cross-Site Scripting vulnerability in the Pricing Table Elementor Widget present in all versions up to and including 2.10.27. The issue stems from insufficient input sanitization and output escaping on user-suppl...