Descrição
In the Elementor Website Builder WordPress plugin before 3.1.4, the icon box widget (includes/widgets/icon-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_size’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2021-24205
Tags
Nâo informado
Data de publicação
05/04/2021
Última atualização
24/02/2022
Pontuação em CVSS 3.0
5.4
Médio