Lucene search
WpvulndbWPVDB-ID:E6FE93B5-BA6B-4AA0-8B2C-E91AB4C5E3D6HistoryFeb 15, 2024 - 12:00 a.m.
Premium Addons for Elementor < 4.10.19 - Contributor+ Stored Cross-Site Scripting
2024-02-1500:00:00
wpscan.com
4
elementor
premium addons
stored cross-site scripting
security vulnerability
contributor role
Description The plugin does not properly sanitize and escape its buttons’ onclick attribute, making it possible for users with at least the contributor role to conduct Stored XSS attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 4.10.19 |
Related
prion
prion
Cross site scripting
2024-02-29 01:43:00
cve
cve
CVE-2024-1242
2024-02-29 01:43:44
nvd
nvd
CVE-2024-1242
2024-02-29 01:43:44
cvelist
cvelist
CVE-2024-1242
2024-02-20 18:56:19
wordfence
wordfence
5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.2%
Related for WPVDB-ID:E6FE93B5-BA6B-4AA0-8B2C-E91AB4C5E3D6