Filtered by vendor Sinaextra Subscriptions
Filtered by product Sina Extension For Elementor Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-35703 1 Sinaextra 1 Sina Extension For Elementor 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through 3.5.3.
CVE-2024-34384 1 Sinaextra 1 Sina Extension For Elementor 2024-11-21 6.5 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SinaExtra Sina Extension for Elementor allows PHP Local File Inclusion.This issue affects Sina Extension for Elementor: from n/a through 3.5.1.
CVE-2021-24269 1 Sinaextra 1 Sina Extension For Elementor 2024-11-21 5.4 Medium
The “Sina Extension for Elementor” WordPress Plugin before 3.3.12 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2024-9540 1 Sinaextra 1 Sina Extension For Elementor 2024-10-30 4.3 Medium
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data.