wpvulndb
WPVDB-ID: 7DFDE62F-F167-403B-8B23-F4AC845AC04D
History: Jul 21, 2020 - 12:00 a.m.

Elementor < 2.9.14 - Authenticated Stored Cross-Site Scripting

2020-07-21 00:00:00
wpscan.com
6

The template name is not properly sanitised when it is output back to the page, leading to a stored XSS issue.

PoC

Go to the Templates tab, click on "Add New", and select page or section. Then add an XSS payload such as "> in the "name your template" field and hit create template.
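
The bug class described above is closed by escaping the stored template name at the point where it is written into HTML. The following is an added example, not Elementor's code or its patch: the function names, markup and sample names are hypothetical and constructed, and plain PHP htmlspecialchars() stands in for WordPress's esc_attr() / esc_html().

```php
<?php
// Added illustration only. Not taken from Elementor; names and markup are hypothetical.

// Unsafe: the stored name is concatenated as-is into an attribute value and a
// text node, so a quote or angle bracket in the name changes the markup.
function render_template_row_unsafe(string $name): string {
    return '<input type="text" name="template_name" value="' . $name . '">'
         . '<span class="title">' . $name . '</span>';
}

// Escape for HTML output. ENT_QUOTES covers both " and ', which matters in
// attribute context; ENT_SUBSTITUTE replaces invalid UTF-8 instead of
// returning an empty string.
function esc_output(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Safe: the name is stored unchanged and escaped every time it is output.
function render_template_row_safe(string $name): string {
    return '<input type="text" name="template_name" value="' . esc_output($name) . '">'
         . '<span class="title">' . esc_output($name) . '</span>';
}

// True when the rendered row contains exactly the two tags we wrote ourselves
// (one <input>, one <span>...</span>) and nothing introduced by the name.
function markup_is_intact(string $html): bool {
    return preg_match_all('/<[a-z]/i', $html) === 2;
}

// Constructed sample names: a normal one, one with a harmless tag after the
// attribute break-out sequence, and one with an apostrophe and ampersand.
$samples = ['Landing page', 'Header "> <b>broken out</b>', "O'Brien & Co"];

foreach ($samples as $name) {
    $unsafe = render_template_row_unsafe($name);
    $safe   = render_template_row_safe($name);
    echo 'stored : ', $name, PHP_EOL;
    echo 'unsafe : ', $unsafe, ' [intact: ', var_export(markup_is_intact($unsafe), true), ']', PHP_EOL;
    echo 'safe   : ', $safe, ' [intact: ', var_export(markup_is_intact($safe), true), ']', PHP_EOL, PHP_EOL;
}
```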

CPE Name     Operator   Version
elementor    lt         2.9.14