Sinaextra

Sina Extension For Elementor

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-49262

  • EPSS 0.04%
  • Veröffentlicht 06.06.2025 12:53:38
  • Zuletzt bearbeitet 02.07.2025 20:02:58

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shaonsina Sina Extension for Elementor allows Stored XSS. This issue affects Sina Extension for Elementor: from n/a through 3.6.1.

5.4

CVE-2025-1517

  • EPSS 0.17%
  • Veröffentlicht 26.02.2025 13:15:41
  • Zuletzt bearbeitet 24.03.2025 17:56:06

The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text, Countdown Widget, ...

5.4

CVE-2024-12624

  • EPSS 0.22%
  • Veröffentlicht 07.01.2025 07:15:27
  • Zuletzt bearbeitet 04.02.2025 17:09:29

The Sina Extension for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sina Image Differ widget in all versions up to, and including, 3.5.91 due to insufficient input sanitization and output escaping on us...

4.3

CVE-2024-9540

  • EPSS 0.3%
  • Veröffentlicht 16.10.2024 08:15:07
  • Zuletzt bearbeitet 30.10.2024 20:56:01

The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php. This makes it possible for authenticated...

5.4

CVE-2024-5260

  • EPSS 0.17%
  • Veröffentlicht 02.07.2024 09:15:19
  • Zuletzt bearbeitet 11.07.2025 20:02:19

The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘read_more_text’ parameter in all versi...

5.4

CVE-2024-5036

  • EPSS 0.36%
  • Veröffentlicht 20.06.2024 11:15:56
  • Zuletzt bearbeitet 04.02.2025 17:09:18

The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, ...

5.4

CVE-2024-35703

  • EPSS 0.11%
  • Veröffentlicht 08.06.2024 15:15:53
  • Zuletzt bearbeitet 21.11.2024 09:20:42

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through 3.5.3.

8.8

CVE-2024-34384

  • EPSS 0.81%
  • Veröffentlicht 04.06.2024 14:15:10
  • Zuletzt bearbeitet 21.11.2024 09:18:33

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SinaExtra Sina Extension for Elementor allows PHP Local File Inclusion.This issue affects Sina Extension for Elementor: from n/a through 3.5.1.

5.4

CVE-2024-4373

  • EPSS 0.52%
  • Veröffentlicht 15.05.2024 02:15:09
  • Zuletzt bearbeitet 04.02.2025 16:47:21

The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sina Particle Layer widget in ...

5.4

CVE-2024-4333

  • EPSS 0.16%
  • Veröffentlicht 14.05.2024 16:17:33
  • Zuletzt bearbeitet 04.02.2025 16:23:41

The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via several parameters in versions up to, an...