Lucene search
K
QuomodosoftElementsready

8 matches found

CVE
CVE
added 2024/05/06 6:29 p.m.69 views

CVE-2024-34374

CVE-2024-34374 is a Stored Cross-Site Scripting (XSS) vulnerability in QuomodoSoft ElementsReady Addons for Elementor. The issue affects ElementsReady Addons for Elementor releases up to 5.8.0 (inclusive). Red Hat’s advisory corroborates the same description. Public references list this CVE under...

6.5CVSS5.2AI score0.00336EPSS
CVE
CVE
added 2024/12/17 12:43 p.m.59 views

CVE-2024-10356

CVE-2024-10356 affects ElementsReady Addons for Elementor (WordPress). Remote code is not exposed; the issue is Sensitive Information Exposure due to insecure access control in inc/Widgets/accordion/output/content.php, exploitable by authenticated users with Contributor+ rights. The Red Hat/Wordf...

4.3CVSS4.4AI score0.0041EPSS
CVE
CVE
added 2024/12/09 11:32 a.m.59 views

CVE-2024-54224

CVE-2024-54224 affects WordPress ElementsReady Addons for Elementor (

6.5CVSS7.2AI score0.00316EPSS
CVE
CVE
added 2024/06/06 3:53 a.m.58 views

CVE-2024-5152

CVE-2024-5152 affects the ElementsReady Addons for Elementor plugin (WordPress). It is a Stored Cross-Site Scripting via the _id parameter in all versions up to 6.1.0. Exploitation requires Contributor+ access and can cause scripts to run on pages viewed by users. No remediation details are provi...

6.4CVSS5.5AI score0.00314EPSS
CVE
CVE
added 2024/10/06 11:3 a.m.55 views

CVE-2024-47329

The CVE-2024-47329 entry concerns WordPress plugin ElementsReady Addons for Elementor. A stored XSS vulnerability exists in versions

6.5CVSS5.9AI score0.00254EPSS
CVE
CVE
added 2024/10/16 9:32 a.m.55 views

CVE-2024-9444

CVE-2024-9444 : The ElementsReady Addons for Elementor WordPress plugin is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to and including 6.4.3 due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at Author leve...

6.4CVSS5.9AI score0.00302EPSS
CVE
CVE
added 2024/11/09 8:22 a.m.53 views

CVE-2024-51787

CVE-2024-51787 is a stored XSS in ElementsReady Addons for Elementor. An authenticated attacker could inject script via input processed by the plugin, affecting ElementsReady Addons for Elementor versions up to 6.4.3. Red Hat and Wordfence references confirm the vulnerability class and affected p...

6.5CVSS7.2AI score0.00233EPSS
CVE
CVE
added 2024/10/11 6:12 p.m.48 views

CVE-2024-47353

CVE-2024-47353 describes an Open Redirect vulnerability in WordPress plugin ElementsReady Addons for Elementor (ElementsReady Addons for Elementor) affecting version 6.4.2 and earlier. The issue allows redirection to an untrusted site via URL handling within the plugin. Patchstack notes the fix i...

6.1CVSS5.9AI score0.00236EPSS