Lucene search
K
WowdevsSky Addons For Elementor

7 matches found

CVE
CVE
added 2024/11/21 11:2 a.m.69 views

CVE-2024-9542

The CVE-2024-9542 entry concerns the WordPress plugin Sky Addons for Elementor. The vulnerability exists in all versions up to and including 2.6.1 and is triggered by the render function in modules/content-switcher/widgets/content-switcher.php. It permits authenticated attackers with Contributor-...

4.3CVSS4.2AI score0.003EPSS
CVE
CVE
added 2024/11/22 5:33 a.m.61 views

CVE-2024-11104

CVE-2024-11104 concerns Sky Addons for Elementor (WordPress plugin) ≤ 2.6.2. The root cause is a missing capability check in save_options(), enabling authenticated users with subscriber-level access and above to modify arbitrary option values that can be saved as arrays, potentially causing a den...

8.1CVSS7.7AI score0.00666EPSS
CVE
CVE
added 2024/11/22 5:33 a.m.61 views

CVE-2024-11601

CVE-2024-11601 affects Sky Addons for Elementor (WordPress) up to version 2.6.1, due to missing nonce validation in save_options(), enabling CSRF that could let unauthenticated attackers modify options by tricking an administrator. A fix is available in 2.6.2; upgrade to that version or apply ven...

8.1CVSS7.8AI score0.00314EPSS
CVE
CVE
added 2024/07/20 7:39 a.m.54 views

CVE-2024-38687

CVE-2024-38687 is a stored XSS in Sky Addons for Elementor (WordPress plugin) affecting Sky Addons for Elementor versions up to 2.5.5. The connected records corroborate qualified impact as Cross-Site Scripting and list remediation: upgrade to a version later than 2.5.5 (Sky Addons for Elementor),...

6.5CVSS5.9AI score0.0032EPSS
CVE
CVE
added 2024/10/06 11:2 a.m.46 views

CVE-2024-47332

CVE-2024-47332 affects the WordPress Sky Addons for Elementor plugin, with stored XSS due to improper input neutralization during web page generation. Impact is limited to Sky Addons for Elementor versions up to 2.5.11 (patch released in 2.5.12). Remediation: update to 2.5.12 or later; patch deta...

6.5CVSS5.9AI score0.00261EPSS
CVE
CVE
added 2024/03/13 3:27 p.m.45 views

CVE-2024-2286

CVE-2024-2286 affects Sky Addons for Elementor (WordPress). It is a Stored XSS via the wrapper link URL value in versions up to and including 2.4.0, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authentication as a Contributor+ to...

6.4CVSS6AI score0.00423EPSS
CVE
CVE
added 2024/10/28 6:14 p.m.43 views

CVE-2024-50433

CVE-2024-50433 (Sky Addons for Elementor) stores XSS vulnerability in Sky Addons for Elementor versions

6.5CVSS5.9AI score0.00256EPSS