Elementor < 2.9.14 - Authenticated Stored Cross-Site Scripting

2020-08-31T00:00:00
ID WPVDB-ID:10388
Type wpvulndb
Reporter wpvulndb
Modified 2020-09-02T00:00:00

Description

WordPress Vulnerability - Elementor < 2.9.14 - Authenticated Stored Cross-Site Scripting

PoC

Go to templates tab, click on "add new', and select page or section Then add XSS payload such as "> on "name your template" field and hit create template