Vulnerabilities > G5Plus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-10329 | Unspecified vulnerability in G5Plus Ultimate Bootstrap Elements for Elementor The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' function. | 4.3 |
| 2024-04-06 | CVE-2024-2132 | Cross-site Scripting vulnerability in G5Plus Ultimate Bootstrap Elements for Elementor The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Widget in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-01-08 | CVE-2023-6139 | Unspecified vulnerability in G5Plus Essential Real Estate The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks. | 6.5 |
| 2024-01-08 | CVE-2023-6141 | Cross-site Scripting vulnerability in G5Plus Essential Real Estate The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Stored XSS attacks. | 5.4 |