Vulnerabilities > Unlimited Elements > Unlimited Elements FOR Elementor Free Widgets Addons Templates

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-6169 Cross-site Scripting vulnerability in Unlimited-Elements Unlimited Elements for Elementor (Free Widgets, Addons, Templates)
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘username’ parameter in all versions up to, and including, 1.5.112 due to insufficient input sanitization and output escaping.
network
low complexity
unlimited-elements CWE-79
5.4
5.4
2024-07-09 CVE-2024-6170 Cross-site Scripting vulnerability in Unlimited-Elements Unlimited Elements for Elementor (Free Widgets, Addons, Templates)
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘email’ parameter in all versions up to, and including, 1.5.112 due to insufficient input sanitization and output escaping.
network
low complexity
unlimited-elements CWE-79
5.4
5.4