mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-12 05:11:38 +02:00
0xMarcio
963 B
963 B
CVE-2021-24261
&color=brighgreen)
Description
The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
POC
Reference
- https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem/
- https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem/
Github
No PoCs found on GitHub currently.