VYPR

Timeline Widget For Elementor

by WordPress

CVEs (2)

  • CVE-2023-49755MedDec 9, 2024
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2.

  • CVE-2024-0977MedFeb 7, 2024
    risk 0.29cvss 4.4epss 0.00

    The Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image URLs in the plugin's timeline widget in all versions up to, and including, 1.5.3 due to insufficient input…