MEDIUM✓ PATCH🇬🇧 English

CVE-2024-37554

CVSS 6.5v3.1pub. 2024-07-06upd. 2026-04-23

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows DOM-Based XSS.This issue affects UltraAddons Elementor Lite: from n/a through <= 2.0.2.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
  • Codeastrology Ultraaddons

    APP
    Codeastrology
    ≤ 1.1.6
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2024-10696MEDIUM4.3ten sam produkt

The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, A...

CVE-2024-4866MEDIUM6.4ten sam produkt

The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, A...

CVE-2022-1020CRITICAL9.8ten sam vendor

The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation ...

CVE-2024-10813MEDIUM5.3ten sam vendor

The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is vulnerable to...

CVE-2023-48768MEDIUM4.3ten sam vendor

Cross-Site Request Forgery (CSRF) vulnerability in CodeAstrology Team Quantity Plus Minus Button for WooCommer...