CVE-2022-47170 | Severity.io

Description

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.48 versions.

Related CPE's

unlimited-elements

unlimited_elements_for_elementor

wordpress

Vulnerable

References

https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-48-cross-site-scripting-xss?_s_id=cve

Third Party Advisory

Weaknesses

[email protected]

Primary

CWE-79

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 · Medium

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-03-28T09:15:07.510

2 years ago

Last modified

2024-10-14T13:43:12.070

9 months ago