Elementor Website Builder 漏洞列表
共找到 8 个与 Elementor Website Builder 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting POC
WordPress Elementor Website Builder plugin 3.5.5 and prior contains a reflected cross-site scripting vulnerability via the document object model. -
CVE-2021-24891: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting POC
WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash. -
CVE-2022-1329: Elementor Website Builder - Remote Code Execution POC
The Elementor Website Builder plugin for WordPress versions 3.6.0 to 3.6.2 are vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file. This makes it possible for attackers to modify site data and upload malicious files which can be used to obtain remote code execution. -
CVE-2022-29455: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting POC
WordPress Elementor Website Builder plugin 3.5.5 and prior contains a reflected cross-site scripting vulnerability via the document object model. -
CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting POC
WordPress Elementor Website Builder plugin 3.5.5 and prior contains a reflected cross-site scripting vulnerability via the document object model. -
CVE-2021-24891: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting POC
WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash. -
CVE-2022-1329: Elementor Website Builder - Remote Code Execution POC
The Elementor Website Builder plugin for WordPress versions 3.6.0 to 3.6.2 are vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file. This makes it possible for attackers to modify site data and upload malicious files which can be used to obtain remote code execution. -
CVE-2022-29455: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting POC
WordPress Elementor Website Builder plugin 3.5.5 and prior contains a reflected cross-site scripting vulnerability via the document object model.