CVE-2024-0977
The CVE-2024-0977 entry concerns Timeline Widget For Elementor (WordPress) up to version 1.5.3, which is vulnerable to stored XSS via image URLs due to insufficient input sanitization and output escaping. Exploitation requires authenticated access (Contributor+). The issue is mitigated by upgradi...