VYPR

Card Elements For Elementor

by WordPress

CVEs (2)

  • CVE-2024-43123MedAug 12, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Techeshta Card Elements for Elementor allows Stored XSS.This issue affects Card Elements for Elementor: from n/a through 1.2.2.

  • CVE-2024-13734MedFeb 27, 2025
    risk 0.35cvss 6.4epss 0.00

    The Card Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Profile Card widget in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…