NotCVE - vendor:"Gum Elementor Addon" product:"Gum Elementor Addon" version:" >= 0.0.0 <= 1.3.10"

6 results (0.016 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-30800 – WordPress Gum Elementor Addon plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2025-30800

27 Mar 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atawai Gum Elementor Addon allows Stored XSS. This issue affects Gum Elementor Addon: from n/a through 1.3.10. The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbit... • https://patchstack.com/database/wordpress/plugin/gum-elementor-addon/vulnerability/wordpress-gum-elementor-addon-plugin-1-3-10-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-44027 – WordPress Gum Elementor Addon plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-44027

24 Sep 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.6. The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject ... • https://patchstack.com/database/vulnerability/gum-elementor-addon/wordpress-gum-elementor-addon-plugin-1-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-44035 – WordPress Gum Elementor Addon plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-44035

23 Sep 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.7. The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject ... • https://patchstack.com/database/vulnerability/gum-elementor-addon/wordpress-gum-elementor-addon-plugin-1-3-7-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-37565 – WordPress Gum Elementor Addon plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-37565

09 Jul 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.5. Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en TemeGUM Gum Elementor Addon permite XSS almacenado. Este problema afecta a Gum Elementor Addon: desde n/a hasta 1.3.5. The Gum Elementor Addon plugin for WordPress ... • https://patchstack.com/database/vulnerability/gum-elementor-addon/wordpress-gum-elementor-addon-plugin-1-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-4668 – Gum Elementor Addon <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets

https://notcve.org/view.php?id=CVE-2024-4668

29 May 2024 — The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Price Table and Post Slider widgets in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento Gum Elementor Addon para WordPress e... • https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/post_slider.php#L2353 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-2348 – Gum Elementor Addon <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Widget

https://notcve.org/view.php?id=CVE-2024-2348

19 Mar 2024 — The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Meta widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento Gum Elementor Addon para WordPress es vulnerable a Cross-Site Scripting Almacenado a... • https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •