2 matches found
CVE-2024-37547
CVE-2024-37547 is a Local File Inclusion path-traversal vulnerability in the WordPress plugin Livemesh Addons for Elementor (versions up to and including 8.4.0). The underlying issue is an improper limitation of a pathname to a restricted directory. Affected product versions are
CVE-2024-0448
CVE-2024-0448 affects the Elementor Addons by Livemesh plugin for WordPress (versions up to and including 8.3.1). The underlying issue is Stored Cross-Site Scripting via the widget URL parameters caused by insufficient input sanitization and output escaping, allowing authenticated attackers with ...