Vulnerabilities > Livemeshelementor > Addons FOR Elementor > 8.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2024-1465 | Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘carousel_skin’ attribute of the Posts Carousel widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-04-09 | CVE-2024-1466 | Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_style’ attribute of the Posts Multislider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-03-14 | CVE-2024-27986 | Unspecified vulnerability in Livemeshelementor Addons for Elementor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Elementor Addons by Livemesh allows Stored XSS.This issue affects Elementor Addons by Livemesh: from n/a through 8.3.5. | 5.4 |
| 2024-02-29 | CVE-2024-1235 | Cross-site Scripting vulnerability in Livemeshelementor Addons for Elementor The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input sanitization and output escaping. | 5.4 |