Page 4 of 17 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting an authenticated user. El plugin Elementor versiones anteriores a 2.8.5 para WordPress, sufre de una vulnerabilidad de tipo XSS reflejado en la página elementor-system-info. Estos pueden ser explotados al apuntar a un usuario autenticado. • https://blog.impenetrable.tech/xss-in-wordpress-elementor-plugin https://wordpress.org/plugins/elementor/#developers https://wpvulndb.com/vulnerabilities/10051 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template. El plugin Elementor Page Builder versiones anteriores a 2.8.4 para WordPress, no sanea los datos durante la creación de una nueva plantilla. • https://wordpress.org/plugins/elementor/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •