Search
Search Results (105 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13865 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 5.4 Medium |
| The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes. | ||||
| CVE-2020-13864 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 5.4 Medium |
| The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links. | ||||
| CVE-2020-13126 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 9.9 Critical |
| An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is unaffected. | ||||
| CVE-2018-18379 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 6.1 Medium |
| The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS. | ||||
| CVE-2017-18596 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 8.8 High |
| The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions. | ||||