CVE-2024-11230
- EPSS 0.19%
- Veröffentlicht 23.12.2024 05:15:05
- Zuletzt bearbeitet 29.01.2025 20:46:12
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.6.46 due to insufficient input sanitization and output escaping. This makes it po...
CVE-2024-10325
- EPSS 0.23%
- Veröffentlicht 08.11.2024 12:15:14
- Zuletzt bearbeitet 13.11.2024 20:01:05
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient input sanitization and output escaping. This makes ...
CVE-2024-10050
- EPSS 0.47%
- Veröffentlicht 24.10.2024 09:15:02
- Zuletzt bearbeitet 29.01.2025 17:00:56
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 1.6.43 via the hfe_template shortcode. This makes it possible for authenticated attackers, with Contributor-level...