Описание
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.9.9 (исключая)
cpe:2.3:a:elementor:elementor_page_builder:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 33%
0.00128
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
EPSS
Процентиль: 33%
0.00128
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79