The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS.
References
Link | Resource |
---|---|
https://elementor.com/blog/ | Vendor Advisory |
https://www.contextis.com/en/resources/advisories/cve-2018-18379 | Third Party Advisory |
https://www.contextis.com/resources/advisories | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-10-07 12:15
Updated : 2024-02-28 17:28
NVD link : CVE-2018-18379
Mitre link : CVE-2018-18379
CVE.ORG link : CVE-2018-18379
JSON object : View
Products Affected
elementor
- elementor_page_builder
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')