CVE-2024-5666

Published June 29th, 2024

View on NVD ↗

CVSS v3

6.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

The Extensions for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the EE Button widget in all versions up to, and including, 2.0.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Extensions for ElementorUNAVAILABLE

<p>Add more power to your <a href="https://wordpress.org/plugins/elementor/" rel="ugc">Elementor</a> page building experience with 20+ useful & creative elements.</p> <h3>20+ FREE WIDGETS AND COUNTING</h3> <ol> <li>Anchor Scroll – Create section scroll with icon, text, positions and icon views</li> <li>A to Z Listing – Design alphabets wise listing as per selected post type and filter with categories</li> <li>Breadcrumbs – Add breadcrmb to your pages or posts</li> <li>Button – Quickly add modern buttons with background pulse effect</li> <li>Copyright Year – Make footer’s copyright year dynamic by just drag & drop with lots of styling & customization options</li> <li>Custom Field – Use post or page custom field into the elementor</li> <li>Document Library – Showcase documents like pdf, doc, image etc. into the tablular format with download link</li> <li>Events – Show events in “Summary”, “Calendar” and “Detail” views. Add events in “Event” custom post type created by the plugin.</li> <li>Event Slider – Show your events into the slider. Add events in “Event” custom post type created by the plugin. You can also enable or disable the single page from Elementor -> Extensions.</li> <li>Flipbox – Use flipbox with slider</li> <li>Google Calendar – Add your google calendar into Elementor</li> <li>Multi Point Map – Design your multi point map with lots of design options</li> <li>Imagebox Repeater – Add image, title & description into slider via elementor repeater</li> <li>Import Templates – Import templates from any site you’ve had already developed</li> <li>Google Map – Add google map as per Address with pin text override</li> <li>Member – Add member listing with “Industrial Sector”, “Status”, “Company Name” filtering options</li> <li>Property Search – Use property search to your main page, it’s provide google autocomplete search functionality.</li> <li>Properties – Property listing with lots of filtering options. Map view, Listing view & Grid view.</li> <li>Scroll Navigation – Convert your sections into Scroll Navigations</li> <li>Table – Insert visually attractive data table anywhere you want</li> <li>Testimonial Swiper – Add testimonial with slider and different layout options</li> </ol> <p>Extensions Works with Elementor Pro Plugin:</p> <ol> <li>Nav Menu – Add “Megamenu” into elementor by using “Description” field of Menus.</li> <li>Nav Menu – Add “Hamburger Scroll” after scroll menu converted into the hamburger.</li> </ol> <p>New Extensions:</p> <ol> <li>Elementor Clickable Column</li> <li>Elementor Stretch Column</li> </ol>

WordPress Plugin Directory

64.9K