cbcvebase.

Brainstormforce Elementor Header Footer Blocks Template vulnerabilities

3 known vulnerabilities affecting brainstormforce/elementor_header_footer_blocks_template.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2021-24256P4MEDIUMCVSS 5.4fixed in 1.5.82021-05-05
CVE-2021-24256 [MEDIUM] CWE-79 CVE-2021-24256: The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets tha The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
nvd
CVE-2024-5757P4MEDIUMCVSS 5.4fixed in 1.6.362024-06-13
CVE-2024-5757 [MEDIUM] CWE-79 CVE-2024-5757: The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Script The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and
nvd
CVE-2024-33933P4MEDIUMCVSS 5.4fixed in 1.6.362024-07-22
CVE-2024-33933 [MEDIUM] CWE-79 CVE-2024-33933: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force, Nikhil Chavan Elementor – Header, Footer & Blocks Template allows DOM-Based XSS.This issue affects Elementor – Header, Footer & Blocks Template: from n/a through 1.6.35.
nvd
Brainstormforce Elementor Header Footer Blocks Template vulnerabilities | cvebase