WordPress Elementor Website Builder Plugin <= 3.18.3 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Website Builder Type Plugin Vulnerable versions = 3.18.3 Fixed in 3.19.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0506 Patch priority Low CVSS severity Low 6.5 Developer Elementor PSID cf3633af9a1c Credits wesley wcraft...

WordPress Elementor Website Builder Plugin <= 3.13.1 is vulnerable to Broken Access Control

Software Elementor Website Builder Type Plugin Vulnerable versions = 3.13.1 Fixed in 3.13.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 4.3 Developer Elementor PSID 95f606d4bd1b Credits N/A Required privilege...

WordPress Elementor Website Builder Plugin <= 3.12.1 is vulnerable to SQL Injection

Software Elementor Website Builder Type Plugin Vulnerable versions = 3.12.1 Fixed in 3.12.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0329 Patch priority Low CVSS severity Low 6.6 Developer Elementor PSID c642fe631d89 Credits Sanjay Das Required privilege Administrator...