|
195571
|
5.4 |
MEDIUM
Network
|
livemeshelementor
|
addons_for_elementor
|
The “Livemesh Addons for Elementor” WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a …
|
-
|
CVE-2021-24260
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195572
|
5.4 |
MEDIUM
Network
|
webtechstreet
|
elementor_addon_elements
|
The “Elementor Addon Elements” WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a si…
|
-
|
CVE-2021-24259
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195573
|
5.4 |
MEDIUM
Network
|
wpmet
|
elements_kit_elementor_addons
|
The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contribut…
|
-
|
CVE-2021-24258
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195574
|
5.4 |
MEDIUM
Network
|
leap13
|
premium_addons_for_elementor
|
The “Premium Addons for Elementor” WordPress Plugin before 4.2.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a…
|
-
|
CVE-2021-24257
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195575
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
elementor_-_header\
_footer_\&_blocks_template
|
The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributor…
|
-
|
CVE-2021-24256
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195576
|
5.4 |
MEDIUM
Network
|
wpdeveloper
|
essential_addons_for_elementor
|
The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, both via…
|
-
|
CVE-2021-24255
|
2024-11-21 14:52 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195577
|
3.8 |
LOW
Network
|
themeum
|
tutor_lms
|
The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the pl…
|
-
|
CVE-2021-24242
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195578
|
6.1 |
MEDIUM
Network
|
advancedcustomfields
|
advanced_custom_fields
|
The Advanced Custom Fields Pro WordPress plugin before 5.9.1 did not properly escape the generated update URL when outputting it in an attribute, leading to a reflected Cross-Site Scripting issue in …
|
-
|
CVE-2021-24241
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195579
|
9.8 |
CRITICAL
Network
|
aivahthemes
|
business_hours_pro
|
The Business Hours Pro WordPress plugin through 5.5.0 allows a remote attacker to upload arbitrary files using its manual update functionality, leading to an unauthenticated remote code execution vul…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-24240
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195580
|
6.1 |
MEDIUM
Network
|
genetechsolutions
|
pie_register
|
The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin before 3.7.0.1 does not sanitise the invitaion_code GET parameter when outputting i…
|
-
|
CVE-2021-24239
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
