CVE-2020-7109Website Builder vulnerability

3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.9%
top 24.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Elementor Website Builder
Timeline
PublishedJan 22
Latest updateMay 24

Description

The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-3fq5-c2gj-gmqj: The Elementor Page Builder plugin before 22022-05-24
CVEList
CVE-2020-7109: The Elementor Page Builder plugin before 22020-01-22
CVE-2020-7109 — Elementor Website Builder vulnerability | cvebase