CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52358 – WordPress Responsive Addons for Elementor plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-52358
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4. The Responsive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/responsive-addons-for-elementor/wordpress-responsive-addons-for-elementor-plugin-1-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51812 – WordPress Pro Addons For Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-51812
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor allows Stored XSS.This issue affects Pro Addons For Elementor: from n/a through 1.5.0. The Pro Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/pro-addons-for-elementor/wordpress-pro-addons-for-elementor-plugin-1-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51813 – WordPress Anant Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-51813
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anantaddons, Anantsites Anant Addons for Elementor allows DOM-Based XSS.This issue affects Anant Addons for Elementor: from n/a through 1.0.5. The Anant Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/anant-addons-for-elementor/wordpress-anant-addons-for-elementor-plugin-1-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51836 – WordPress Wezido plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-51836
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Teconce Wezido allows DOM-Based XSS.This issue affects Wezido: from n/a through 1.2. The Wezido plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/wezido-elementor-addon-based-on-easy-digital-downloads/wordpress-wezido-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51841 – WordPress File Select Control For Elementor plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-51841
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode File Select Control For Elementor allows DOM-Based XSS.This issue affects File Select Control For Elementor: from n/a through 1.3. The File Select Control For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/file-select-control-for-elementor/wordpress-file-select-control-for-elementor-plugin-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •