Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-02	CVE-2024-3197	Cross-site Scripting vulnerability in Posimyth the Plus Addons for Elementor The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom attributes in the plugin's widgets in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity posimyth CWE-79	5.4
2024-05-02	CVE-2024-3199	Cross-site Scripting vulnerability in Posimyth the Plus Addons for Elementor The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping. network low complexity posimyth CWE-79	5.4
2024-05-02	CVE-2024-3307	Cross-site Scripting vulnerability in Hasthemes HT Mega The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown widget's attributes in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping. network low complexity hasthemes CWE-79	5.4
2024-05-02	CVE-2024-3308	Cross-site Scripting vulnerability in Hasthemes HT Mega The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget's attributes in all versions up to, and including, 2.4.9 due to insufficient input sanitization and output escaping. network low complexity hasthemes CWE-79	5.4
2024-05-02	CVE-2024-3337	Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_breadcrumb_element' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity extendthemes CWE-79	5.4
2024-05-02	CVE-2024-3338	Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt data parameter in all versions up to, and including, 1.0.262 due to insufficient input sanitization and output escaping. network low complexity extendthemes CWE-79	5.4
2024-05-02	CVE-2024-3340	Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri-gallery-slideshow' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity extendthemes CWE-79	5.4
2024-05-02	CVE-2024-3489	Cross-site Scripting vulnerability in Exclusiveaddons Exclusive Addons for Elementor The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Countdown Expired Title in all versions up to, and including, 2.6.9.4 due to insufficient input sanitization and output escaping. network low complexity exclusiveaddons CWE-79	5.4
2024-05-02	CVE-2024-3550	Cross-site Scripting vulnerability in Getshortcodes Shortcodes Ultimate The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity getshortcodes CWE-79	5.4
2024-05-02	CVE-2024-3588	Cross-site Scripting vulnerability in Motopress Getwid The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown block in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity motopress CWE-79	5.4