CVE-2024-3647
published 2024-05-02CVE-2024-3647: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to…
PriorityP430medium6.4CVSS 3.1
AVNACLPRLUINSCCLILAN
EPSS
0.44%
35.4th percentile
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This requires the premium version of the plugin to be installed and activated in order to be exploited.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| leap13 | premium_addons_for_elementor | < 4.10.29 | 4.10.29 |
| leap13 | premium_addons_for_elementor_powerful_elementor_templates_widgets | <= 4.10.28 | — |
| linux | linux_kernel | >= 0 < 6.1.119-1 | 6.1.119-1 |
| linux | linux_kernel | >= 0 < 6.11.7-1 | 6.11.7-1 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2024-50228: In the Linux kernel, the following vulnerability has been resolved:
mm: shmem: fix data-race in shmem_getattr()
I got the following KCSAN report dur
osv·2024-11-09
CVE-2024-50228 CVE-2024-50228: In the Linux kernel, the following vulnerability has been resolved:
mm: shmem: fix data-race in shmem_getattr()
I got the following KCSAN report dur
In the Linux kernel, the following vulnerability has been resolved:
mm: shmem: fix data-race in shmem_getattr()
I got the following KCSAN report during syzbot testing:
BUG: KCSAN: data-race in generic_fillattr / inode_set_ctime_current
write to 0xffff888102eb3260 of 4 bytes by task 6565 on cpu 1:
inode_set_ctime_to_ts include/linux/fs.h:1638 [inline]
inode_set_ctime_current+0x169/0x1d0 fs/inode.c:2626
shmem_mknod+0x117/0x180 mm/shmem.c:3443
shmem_create+0x34/0x40 mm/shmem.c:3497
lookup_open fs/namei.c:3578 [inline]
open_last_lookups fs/namei.c:3647 [inline]
path_openat+0xdbc/0x1f00 fs/namei.c:3883
do_filp_open+0xf7/0x200 fs/namei.c:3913
do_sys_openat2+0xab/0x120 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [in
GHSA
GHSA-qhh4-7q77-h8mr: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions
ghsa_unreviewed·2024-05-02
CVE-2024-3647 [MEDIUM] CWE-79 GHSA-qhh4-7q77-h8mr: The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post ticker widget in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This requires the premium version of the plugin to be installed and activated in order to be exploited.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/changeset/3075668/premium-addons-for-elementor/trunk/widgets/premium-post-ticker.phphttps://www.wordfence.com/threat-intel/vulnerabilities/id/48fdece5-2996-426f-b77c-ae0b35bcd0ce?source=cvehttps://plugins.trac.wordpress.org/changeset/3075668/premium-addons-for-elementor/trunk/widgets/premium-post-ticker.phphttps://www.wordfence.com/threat-intel/vulnerabilities/id/48fdece5-2996-426f-b77c-ae0b35bcd0ce?source=cve
2024-05-02
Published