cleantalk
Vulnerabilities and Security Researches

PowerPack Addons for Elementor (Free Widgets, Extensions and Templates), CVE-2021-24263

CVE, Research URL

CVE-2021-24263

Published on
May 06, 2021
Research Description
The “Elementor Addons – PowerPack Addons for Elementor” WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Affected versions
Min -, max 2.3.2.
Status
vulnerable