Vulnerabilities > Modernaweb > Black Widgets FOR Elementor > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2025-01-09 CVE-2025-22806 Cross-site Scripting vulnerability in Modernaweb Black Widgets for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows DOM-Based XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.8.
network
low complexity
modernaweb CWE-79
5.4
5.4
2024-10-30 CVE-2024-9388 Cross-site Scripting vulnerability in Modernaweb Black Widgets for Elementor
The Black Widgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping.
network
low complexity
modernaweb CWE-79
5.4
5.4
2024-08-01 CVE-2024-39662 Cross-site Scripting vulnerability in Modernaweb Black Widgets for Elementor
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.5.
network
low complexity
modernaweb CWE-79
5.4
5.4