3 matches found
CVE-2024-12116 Unlimited Theme Addon For Elementor and WooCommerce <= 1.2.2 - Authenticated (Contributor+) Post Disclosure
The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...
WordPress Unlimited Theme Addon For Elementor and WooCommerce plugin <= 1.2.1 - Authenticated (Contributor+) Post Disclosure vulnerability
Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Unlimited Theme Addon For Elementor and WooCommerce versions = 1.2.1...
WordPress Unlimited Theme Addon For Elementor and WooCommerce Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software Unlimited Theme Addon For Elementor and WooCommerce Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6d5498e5f5ec...