CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53763 – WordPress Best Addons for Elementor plugin <=1.0.5 - Stored Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53763
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elementor: from n/a through 1.0.5. The Best Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and ... • https://patchstack.com/database/wordpress/plugin/best-addons-for-elementor/vulnerability/wordpress-best-addons-for-elementor-plugin-1-0-5-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53764 – WordPress Softtemplates For Elementor plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53764
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Softtemplates For Elementor allows DOM-Based XSS.This issue affects Softtemplates For Elementor: from n/a through 1.0.8. The Softtemplates For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces... • https://patchstack.com/database/wordpress/plugin/softtemplates-for-elementor/vulnerability/wordpress-softtemplates-for-elementor-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53766 – WordPress Devnex Addons For Elementor plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53766
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devnex Devnex Addons For Elementor allows DOM-Based XSS.This issue affects Devnex Addons For Elementor: from n/a through 1.0.8. The Devnex Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access an... • https://patchstack.com/database/wordpress/plugin/devnex-addons-for-elementor/vulnerability/wordpress-devnex-addons-for-elementor-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53774 – WordPress Sparkle Elementor Kit plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53774
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sparkle WP Sparkle Elementor Kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through 2.0.9. The Sparkle Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to in... • https://patchstack.com/database/wordpress/plugin/sparkle-elementor-kit/vulnerability/wordpress-sparkle-elementor-kit-plugin-2-0-9-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53786 – WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53786
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0. The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access ... • https://patchstack.com/database/wordpress/plugin/cowidgets-elementor-addons/vulnerability/wordpress-cowidgets-elementor-addons-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53743 – WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53743
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs Countdown Timer for Elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through 1.3.6. The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acc... • https://patchstack.com/database/wordpress/plugin/countdown-timer-for-elementor/vulnerability/wordpress-countdown-timer-for-elementor-plugin-1-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53746 – WordPress Elementor Button Plus plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53746
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs Elementor Button Plus allows Stored XSS.This issue affects Elementor Button Plus: from n/a through 1.3.3. The Elementor Button Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject... • https://patchstack.com/database/wordpress/plugin/fd-elementor-button-plus/vulnerability/wordpress-elementor-button-plus-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53749 – WordPress Post Carousel Slider for Elementor plugin <= 1.4.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53749
28 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Devs Post Carousel Slider for Elementor allows Stored XSS.This issue affects Post Carousel Slider for Elementor: from n/a through 1.4.0. The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with cont... • https://patchstack.com/database/wordpress/plugin/post-carousel-slider-for-elementor/vulnerability/wordpress-post-carousel-slider-for-elementor-plugin-1-4-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53739 – WordPress Cryptocurrency Widgets For Elementor plugin <= 1.6.4 - Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-53739
27 Nov 2024 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4. The Cryptocurrency Widgets For Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4. This makes it possible for unauthenticated attackers to include and execute arbitra... • https://patchstack.com/database/wordpress/plugin/cryptocurrency-widgets-for-elementor/vulnerability/wordpress-cryptocurrency-widgets-for-elementor-plugin-1-6-4-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53709 – WordPress Generic Elements plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-53709
22 Nov 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdevs Generic Elements allows DOM-Based XSS.This issue affects Generic Elements: from n/a through 1.2.3. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en bdevs Generic Elements permite XSS basado en DOM. Este problema afecta a Generic Elements: desde n/a hasta 1.2.3. The Generic Elements plugin for WordPress is vulnerable to Stored... • https://patchstack.com/database/wordpress/plugin/generic-elements-for-elementor/vulnerability/wordpress-generic-elements-plugin-1-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •