3 matches found
CVE-2024-5222
CVE-2024-5222: Stored XSS in the Responsive Addons WordPress plugin via the file uploader; affects all versions up to 3.0.5 and requires authentication (Author level or higher). A patch/update is available per connected disclosures; apply the vendor/maintainer update to remediate.
CVE-2024-13834
CVE-2024-13834 refers to a Server-Side Request Forgery in the WordPress plugin Responsive Plus (starter templates/advanced features/customizer) up to version 3.1.4, exploitable by an authenticated user with contributor+ rights via the remote_request function. The vulnerability allows web requests...
CVE-2024-13354
CVE-2024-13354 affects the WordPress plugin family “Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates.” The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in multiple widgets caused by insufficient input sanitization and output escaping. It is explo...