Filtered by vendor Sinaextra
Subscriptions
Filtered by product Sina Extension For Elementor
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-35703 | 1 Sinaextra | 1 Sina Extension For Elementor | 2024-11-21 | 6.5 Medium |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through 3.5.3. | ||||
CVE-2024-34384 | 1 Sinaextra | 1 Sina Extension For Elementor | 2024-11-21 | 6.5 Medium |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SinaExtra Sina Extension for Elementor allows PHP Local File Inclusion.This issue affects Sina Extension for Elementor: from n/a through 3.5.1. | ||||
CVE-2021-24269 | 1 Sinaextra | 1 Sina Extension For Elementor | 2024-11-21 | 5.4 Medium |
The “Sina Extension for Elementor” WordPress Plugin before 3.3.12 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method. | ||||
CVE-2024-9540 | 1 Sinaextra | 1 Sina Extension For Elementor | 2024-10-30 | 4.3 Medium |
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-modal-box.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data. |
Page 1 of 1.