CVE-2024-54444

Medium CVSS: 5.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows Stored XSS.This issue affects Elementor Website Builder: from n/a through <= 3.25.10.

Vendor

Elementor

Product

Website Builder

CWE

CWE-79

Yayın Tarihi

2025-02-25 15:15:22

Güncelleme

2026-04-01 16:21:19

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Website Builder MEDIUM Elementor 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/elementor/vulnerability/wordpress-elementor-plugin-3-25-10-cross-site-scripting-xss-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2025-8081

The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via…

Medium

CVE-2025-3075

The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Sc…

Medium

CVE-2025-3076

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_text…

Medium

CVE-2025-1319

The Site Mailer – SMTP Replacement, Email API Deliverability & Email Log plugin for WordPress is vulnerable to Stored Cr…

Medium

CVE-2024-13445

The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Sc…

Medium

CVE-2024-8494

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions u…