RSS   Vulnerabilities for 'Powerpack addons for elementor'   RSS

2022-01-03
 
CVE-2021-25027

CWE-79
 

 
The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue

 
2021-05-05
 
CVE-2021-24263

CWE-79
 

 
The �??Elementor Addons �?? PowerPack Addons for Elementor�?� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

 


Copyright 2024, cxsecurity.com

 

Back to Top