CVE-2023-47505 – WordPress Elementor Website Builder Plugin <= 3.16.4 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-47505
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor.Com Elementor allows Cross-Site Scripting (XSS). This issue affects Elementor: from n/a through 3.16.4.
The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the get_inline_svg() function in versions up to, and including, 3.16.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
• https://patchstack.com/articles/arbitrary-attachment-render-to-xss-in-elementor-plugin?_s_id=cve
• https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-16-4-cross-site-scripting-xss-vulnerability?_s_id=cve
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-4953 – Elementor < 3.5.5 - Iframe Injection
https://notcve.org/view.php?id=CVE-2022-4953
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs.
The Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘settings’ hash parameter in versions up to, and including, 3.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary iframes in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
WordPress Elementor plugin versions prior to 3.5.5 suffer from an iframe injection vulnerability.
• https://www.exploit-db.com/exploits/51716
• https://github.com/elementor/elementor/commit/292fc49e0f979bd52d838f0326d1faaebfa59f5e
• https://wpscan.com/vulnerability/8273357e-f9e1-44bc-8082-8faab838eda7
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-0329 – Elementor Website Builder < 3.12.2 - Admin+ SQLi
https://notcve.org/view.php?id=CVE-2023-0329
The Elementor Website Builder WordPress plugin before 3.12.2 does not properly sanitize and escape the Replace URL parameter in the Tools module before using it in a SQL statement, leading to a SQL injection exploitable by users with the Administrator role.
The Elementor plugin for WordPress is vulnerable to blind SQL Injection via the 'replace_urls' functionality in versions up to, and including, 3.12.1 due to insufficient escaping on the user-supplied 'old' and 'new' parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Elementor Website Builder versions prior to 3.12.2 suffer from a remote SQL injection vulnerability.
• http://packetstormsecurity.com/files/175639/Elementor-Website-Builder-SQL-Injection.html
• https://wpscan.com/vulnerability/a875836d-77f4-4306-b275-2b60efff1493
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-29455 – WordPress Elementor plugin <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2022-29455
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
The Elementor Website Builder plugin for WordPress is vulnerable to Unauthenticated DOM-based Reflected Cross-Site Scripting via the 'videoType' and 'onError' parameters in the lightbox module in versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://github.com/akhilkoradiya/CVE-2022-29455
• https://github.com/yaudahbanh/CVE-2022-29455
• https://github.com/0xc4t/CVE-2022-29455
• https://github.com/GULL2100/Wordpress_xss-CVE-2022-29455
• https://github.com/tucommenceapousser/CVE-2022-29455
• https://github.com/tucommenceapousser/CVE-2022-29455-mass
• https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-5-5-unauthenticated-dom-based-reflected-cross-site-scripting-xss-vulnerability
• https://rotem-bar.com/hacking-65-million-websi
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-24891 – Elementor < 3.4.8 - DOM Cross-Site-Scripting
https://notcve.org/view.php?id=CVE-2021-24891
The Elementor Website Builder WordPress plugin before 3.4.8 does not sanitise or escape user input appended to the DOM via a malicious hash, resulting in a DOM Cross-Site Scripting issue.
The Elementor Website Builder plugin for WordPress is vulnerable to DOM-based Cross-Site Scripting via the '#elementor-action:action=lightbox&settings=' DOM in versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://wpscan.com/vulnerability/fbed0daa-007d-4f91-8d87-4bca7781de2d
• https://www.jbelamor.com/xss-elementor-lightox.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')