CVE-2024-32505
WordPress ElementsKit Elementor addons plugin <= 3.0.6 - Cross Site Scripting (XSS) vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roxnor ElementsKit Elementor addons Lite elementskit-lite.This issue affects ElementsKit Elementor addons Lite: from n/a through <= 3.0.6.
| CWE | CWE-79 |
| Vendor | roxnor |
| Product | elementskit elementor addons lite |
| Published | Apr 17, 2024 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for roxnor elementskit elementor addons lite
Be the first to know when new unknown vulnerabilities affecting roxnor elementskit elementor addons lite are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Roxnor / ElementsKit Elementor addons Lite
0 ≤ 3.0.6
References
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/elementskit-lite/vulnerability/wordpress-elementskit-elementor-addons-plugin-3-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve patchstack.com: https://patchstack.com/database/vulnerability/elementskit-lite/wordpress-elementskit-elementor-addons-plugin-3-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve
Credits
Ngô Thiên An (ancorn_ from VNPT-VCI) | Patchstack Bug Bounty Program