CVE-2024-52471
- EPSS 0.11%
- Veröffentlicht 20.11.2024 15:15:11
- Zuletzt bearbeitet 05.02.2025 14:55:10
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in petesheppard84 Extensions for Elementor allows Reflected XSS.This issue affects Extensions for Elementor: from n/a through 2.0.37.
CVE-2024-39668
- EPSS 0.2%
- Veröffentlicht 01.08.2024 22:15:28
- Zuletzt bearbeitet 22.11.2024 19:09:18
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in petesheppard84 Extensions for Elementor allows Stored XSS.This issue affects Extensions for Elementor: from n/a through 2.0.31.
CVE-2024-4868
- EPSS 0.43%
- Veröffentlicht 09.07.2024 09:15:06
- Zuletzt bearbeitet 05.02.2025 15:22:38
The Extensions for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's EE Events and EE Flipbox widgets in all versions up to, and including, 2.0.31 due to insufficient input sanitization and output escaping o...
CVE-2024-5666
- EPSS 0.16%
- Veröffentlicht 29.06.2024 07:15:02
- Zuletzt bearbeitet 21.11.2024 09:48:07
The Extensions for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the EE Button widget in all versions up to, and including, 2.0.30 due to insufficient input sanitization and output escaping...