Lucene search
K

9 matches found

Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Xpro Addons For Elementor plugin <= 1.4.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Site Title' widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'Site Title' widget vulnerability discovered by Prissy - Developer in WordPress Plugin Xpro Elementor Addons versions = 1.4.7.1...

6.4CVSS5.9AI score0.00289EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:19 a.m.4 views

CVE-2024-5757

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5AI score0.00401EPSS
Exploits0References1
CVE
CVE
added 2025/03/20 6:54 a.m.69 views

CVE-2025-2108

The CVE CVE-2025-2108 affects the WordPress plugin “140+ Widgets | Xpro Addons For Elementor – FREE”. It is a Stored Cross-Site Scripting vulnerability in the Site Title widget via the title_tag and html_tag parameters, exploitable by authenticated users with Contributor-level access and above. A...

6.4CVSS5.7AI score0.00289EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

WordPress plugin Xpro Addons For Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS8.1AI score0.00289EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/06/14 12:0 a.m.20 views

Elementor Header & Footer Builder < 1.6.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget

Description The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.7AI score0.00401EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/13 6:15 a.m.4 views

CVE-2024-5757

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it possible for...

5.4CVSS5.9AI score0.00401EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/13 5:34 a.m.11 views

CVE-2024-5757 Elementor Header & Footer Builder <= 1.6.35 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.00401EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.4 views

PT-2024-37124 · WordPress · Elementor Header & Footer Builder

Name of the Vulnerable Software and Affected Versions: Elementor Header & Footer Builder plugin for WordPress versions up to, and including, 1.6.35 Description: The issue is related to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget due to insufficient inpu...

6.4CVSS6.2AI score0.00401EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/06/12 8:6 a.m.3 views

WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Authenticated Stored Cross-Site Scripting via Site Title Widget vulnerability

Authenticated Stored Cross-Site Scripting via Site Title Widget vulnerability discovered by wesley wcraft in WordPress Plugin Ultimate Addons for Elementor - Lite versions = 1.6.35...

6.4CVSS5.7AI score0.00401EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder