CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-24255

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.1410%
EPSS Percentile36.58th
Published2021年5月5日
Last Modified2024年11月21日

Vulnerability Description

The Essential Addons for Elementor Lite WordPress Plugin before 4.5.4 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, both via a similar method.

Affected Platforms (CPE)

📦
Wpdeveloper

Essential Addons For Elementor

< 4.5.4

References & Advisories

🔗 https://wpscan.com/vulnerability/7fb708da-e8c4-4455-b4f9-c4ad72f877da
🔗 https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem/
🔗 https://wpscan.com/vulnerability/7fb708da-e8c4-4455-b4f9-c4ad72f877da
🔗 https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem/

相關漏洞威脅

CVE-2021-44478.8

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6...

CVE-2021-44466.3

The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6....

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...