CVE-2024-37541
WordPress Elementor Addons, Widgets and Enhancements – Stax plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through <= 1.5.0.
| CWE | CWE-79 |
| Vendor | staxwp |
| Product | elementor addons, widgets and enhancements – stax |
| Published | Jul 6, 2024 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for staxwp elementor addons, widgets and enhancements – stax
Be the first to know when new unknown vulnerabilities affecting staxwp elementor addons, widgets and enhancements – stax are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
StaxWP / Elementor Addons, Widgets and Enhancements – Stax
0 ≤ 1.5.0
References
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/stax-addons-for-elementor/vulnerability/wordpress-elementor-addons-widgets-and-enhancements-stax-plugin-1-4-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve patchstack.com: https://patchstack.com/database/vulnerability/stax-addons-for-elementor/wordpress-elementor-addons-widgets-and-enhancements-stax-plugin-1-4-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve
Credits
Abu Hurayra | Patchstack Bug Bounty Program