3 matches found
CVE-2024-0823
CVE-2024-0823 affects the WordPress plugin Exclusive Addons for Elementor. A stored XSS flaw exists in carousels via the Link To URL in versions
CVE-2022-45067
CVE-2022-45067 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin DevsCred Exclusive Addons Elementor (versions ≤ 2.6.1). Affected component: the Elementor addon plugin; root cause: CSRF. Impact per sources varies: NVD lists base CVSS v3.1 8.8 (High) with network ...
CVE-2024-0824
The CVE-2024-0824 entry concerns the WordPress plugin Exclusive Addons for Elementor. A Stored Cross-Site Scripting (XSS) flaw exists in the Link Anything feature across all versions up to 2.6.8, caused by insufficient input sanitization and output escaping. The vulnerability can be exploited by ...