CVE-2024-33541
- EPSS 1.2%
- Veröffentlicht 04.06.2024 13:15:51
- Zuletzt bearbeitet 06.03.2025 14:25:09
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BetterAddons Better Elementor Addons allows PHP Local File Inclusion.This issue affects Better Elementor Addons: from n/a through 1.4.1.
CVE-2024-34432
- EPSS 0.18%
- Veröffentlicht 14.05.2024 15:39:03
- Zuletzt bearbeitet 06.03.2025 14:25:09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons better-elementor-addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.4.4.
CVE-2024-30423
- EPSS 0.16%
- Veröffentlicht 29.03.2024 14:15:08
- Zuletzt bearbeitet 06.03.2025 14:25:09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.3.7.
CVE-2024-2280
- EPSS 0.15%
- Veröffentlicht 29.03.2024 07:15:44
- Zuletzt bearbeitet 06.03.2025 14:25:09
The Better Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget link URL values in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attri...