- Description
- The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
- Source
- contact@wpscan.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
CVE-2024-10980 Stored XSS in Element Pack Elementor Addons Plugin Pre-5.10.3 The Element Pack Elementor Addons WordPress plugin (before version 5.10.3) has a problem. It does not properly check and clean up some ... https://t.co/MhpDMSiGOW
@VulmonFeeds
30 Nov 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10980 The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress plugin before 5.10.3 does not validate and esc… https://t.co/MecJg83PZh
@CVEnew
29 Nov 2024
504 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes