cleantalk
Vulnerabilities and Security Researches

PowerPack Addons for Elementor (Free Widgets, Extensions and Templates), CVE-2021-25027

CVE, Research URL

CVE-2021-25027

Published on
Jan 03, 2022
Research Description
The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Affected versions
Min -, max 2.6.2.
Status
vulnerable