PowerPack Addons for Elementor (Free Widgets, Extensions and Templates), CVE-2021-25027
- CVE, Research URL
- Home page URL
-
Security reports for PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)
- Published on
- Jan 03, 2022
- Research Description
- The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
- Affected versions
-
Min -, max 2.6.2.
- Status
-
vulnerable