Lucene search

K
ElementorElementor Pro

8 matches found

CVE
CVE
added 2024/03/16 5:15 a.m.193 views

CVE-2024-23523

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro.This issue affects Elementor Pro: from n/a through 3.19.2.

6.5CVSS6.7AI score0.00203EPSS
CVE
CVE
added 2024/07/22 10:15 a.m.137 views

CVE-2024-35656

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2.

7.1CVSS7AI score0.00098EPSS
CVE
CVE
added 2024/03/27 7:15 a.m.68 views

CVE-2024-1521

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacke...

6.4CVSS7.7AI score0.00088EPSS
CVE
CVE
added 2024/04/22 11:15 a.m.59 views

CVE-2024-32681

Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2.

8.8CVSS6.8AI score0.00289EPSS
CVE
CVE
added 2024/03/27 7:15 a.m.57 views

CVE-2024-2121

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for ...

5.4CVSS7.6AI score0.00094EPSS
CVE
CVE
added 2024/03/27 7:15 a.m.45 views

CVE-2024-1364

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's custom_id in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated at...

6.4CVSS7.6AI score0.00094EPSS
CVE
CVE
added 2024/03/27 7:15 a.m.45 views

CVE-2024-2781

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_html_tag attribute in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with cont...

6.4CVSS7.7AI score0.00124EPSS
CVE
CVE
added 2024/06/19 1:15 p.m.44 views

CVE-2023-35050

Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0.

6.5CVSS6.5AI score0.00125EPSS