VYPR

Zita Site Library

by WordPress

Source repositories

CVEs (3)

  • CVE-2024-37420CriJul 9, 2024
    risk 0.64cvss 9.9epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in WPZita Zita Elementor Site Library allows Upload a Web Shell to a Web Server.This issue affects Zita Elementor Site Library: from n/a through 1.6.1.

  • CVE-2024-8921MedOct 16, 2024
    risk 0.35cvss 6.4epss 0.00

    The Zita Elementor Site Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…

  • CVE-2024-3249MedJun 25, 2024
    risk 0.21cvss 4.3epss 0.00

    The Zita Elementor Site Library plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_xml_data, xml_data_import, import_option_data, import_widgets, and import_customizer_settings functions in all versions up to,…