CyberSec.Space Logo
Back to CVE Browser

CVE-2021-24255

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.1410%
EPSS Percentile36.58th
PublishedMay 5, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, both via a similar method.

Affected Platforms (CPE)

πŸ“¦
Wpdeveloper

Essential Addons For Elementor

< 4.5.4

References & Advisories

πŸ”— https://wpscan.com/vulnerability/7fb708da-e8c4-4455-b4f9-c4ad72f877da
πŸ”— https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem/
πŸ”— https://wpscan.com/vulnerability/7fb708da-e8c4-4455-b4f9-c4ad72f877da
πŸ”— https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem/

Related Vulnerabilities

CVE-2021-44478.8

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6...

CVE-2021-44466.3

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6....

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...