Livemeshelementor

Addons For Elementor

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-1465

  • EPSS 0.23%
  • Veröffentlicht 09.04.2024 19:15:17
  • Zuletzt bearbeitet 17.01.2025 18:20:39

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘carousel_skin’ attribute of the Posts Carousel widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and o...

5.4

CVE-2024-1464

  • EPSS 0.23%
  • Veröffentlicht 09.04.2024 19:15:17
  • Zuletzt bearbeitet 17.01.2025 18:23:39

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output esca...

5.4

CVE-2024-1461

  • EPSS 0.23%
  • Veröffentlicht 09.04.2024 19:15:17
  • Zuletzt bearbeitet 17.01.2025 18:24:39

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Team Members widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output esca...

5.4

CVE-2024-1458

  • EPSS 0.23%
  • Veröffentlicht 09.04.2024 19:15:17
  • Zuletzt bearbeitet 17.01.2025 18:25:27

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘text_alignment’ attribute of the Animated Text widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and o...

5.4

CVE-2024-25598

  • EPSS 0.08%
  • Veröffentlicht 15.03.2024 13:15:07
  • Zuletzt bearbeitet 06.03.2025 14:25:09

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addons for Elementor: from n/a through 8.3.

5.4

CVE-2024-27986

  • EPSS 0.06%
  • Veröffentlicht 14.03.2024 09:15:47
  • Zuletzt bearbeitet 23.01.2025 19:18:34

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Elementor Addons by Livemesh allows Stored XSS.This issue affects Elementor Addons by Livemesh: from n/a through 8.3.5.

5.4

CVE-2024-1235

  • EPSS 0.25%
  • Veröffentlicht 29.02.2024 01:43:44
  • Zuletzt bearbeitet 15.01.2025 17:37:00

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input sanitization and output escaping. This makes it possib...

4.8

CVE-2022-3862

Exploit
  • EPSS 0.21%
  • Veröffentlicht 12.12.2022 18:15:10
  • Zuletzt bearbeitet 22.04.2025 15:16:00

The Livemesh Addons for Elementor WordPress plugin before 7.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capab...

5.4

CVE-2021-24260

Exploit
  • EPSS 0.22%
  • Veröffentlicht 05.05.2021 19:15:08
  • Zuletzt bearbeitet 21.11.2024 05:52:42

The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.