Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS.This issue affects Marquee Elementor with Posts: from n/a through 1.2.0.
History

Thu, 14 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Anasedreesi
Anasedreesi marquee Elementor With Posts
CPEs cpe:2.3:a:anasedreesi:marquee_elementor_with_posts:*:*:*:*:*:wordpress:*:*
Vendors & Products Anasedreesi
Anasedreesi marquee Elementor With Posts

Mon, 11 Nov 2024 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 10 Nov 2024 09:15:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS.This issue affects Marquee Elementor with Posts: from n/a through 1.2.0.
Title WordPress Marquee Elementor with Posts plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-11-10T08:58:29.749Z

Updated: 2024-11-11T11:39:19.194Z

Reserved: 2024-10-30T15:04:10.016Z

Link: CVE-2024-51584

cve-icon Vulnrichment

Updated: 2024-11-11T11:39:15.919Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-10T09:15:04.023

Modified: 2024-11-14T02:23:33.777

Link: CVE-2024-51584

cve-icon Redhat

No data.