Stax@* Security Vulnerabilities and Issues — Stax@* CVE List

Lucene search

StaxwpStax*

3 matches found

CVE•added 2023/06/09 6:15 a.m.•50 views

CVE-2023-1807

The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.3. This is due to missing or incorrect nonce validation on the toggle_widget function. This makes it possible for unauthenticated attackers to...

4.3CVSS5.1AI score0.00158EPSS

CVE•added 2023/06/09 6:16 a.m.•44 views

CVE-2023-2189

The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the toggle_widget function in versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with subscriber-...

4.3CVSS5.2AI score0.00049EPSS

CVE•added 2024/07/06 1:15 p.m.•37 views

CVE-2024-37541

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax allows Stored XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through 1.4.4.1.

6.5CVSS5.9AI score0.00077EPSS