CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5161

The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 1.1.39 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.7%

CVSS Severity

CVSS v3 Score 6.4

References

Products affected by CVE-2024-5161

Wpthemespace » Magical Addons For Elementor » Version: N/A

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:-
Wpthemespace » Magical Addons For Elementor » Version: 1.0.0

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.0
Wpthemespace » Magical Addons For Elementor » Version: 1.0.1

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.1
Wpthemespace » Magical Addons For Elementor » Version: 1.0.10

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.10
Wpthemespace » Magical Addons For Elementor » Version: 1.0.17

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.17
Wpthemespace » Magical Addons For Elementor » Version: 1.0.2

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.2
Wpthemespace » Magical Addons For Elementor » Version: 1.0.4

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.4
Wpthemespace » Magical Addons For Elementor » Version: 1.0.5

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.5
Wpthemespace » Magical Addons For Elementor » Version: 1.0.6

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.6
Wpthemespace » Magical Addons For Elementor » Version: 1.0.8

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.8
Wpthemespace » Magical Addons For Elementor » Version: 1.0.9

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.0.9
Wpthemespace » Magical Addons For Elementor » Version: 1.1.0

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.0
Wpthemespace » Magical Addons For Elementor » Version: 1.1.1

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.1
Wpthemespace » Magical Addons For Elementor » Version: 1.1.10

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.10
Wpthemespace » Magical Addons For Elementor » Version: 1.1.11

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.11
Wpthemespace » Magical Addons For Elementor » Version: 1.1.12

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.12
Wpthemespace » Magical Addons For Elementor » Version: 1.1.13

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.13
Wpthemespace » Magical Addons For Elementor » Version: 1.1.14

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.14
Wpthemespace » Magical Addons For Elementor » Version: 1.1.15

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.15
Wpthemespace » Magical Addons For Elementor » Version: 1.1.16

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.16
Wpthemespace » Magical Addons For Elementor » Version: 1.1.18

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.18
Wpthemespace » Magical Addons For Elementor » Version: 1.1.19

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.19
Wpthemespace » Magical Addons For Elementor » Version: 1.1.2

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.2
Wpthemespace » Magical Addons For Elementor » Version: 1.1.20

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.20
Wpthemespace » Magical Addons For Elementor » Version: 1.1.23

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.23
Wpthemespace » Magical Addons For Elementor » Version: 1.1.26

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.26
Wpthemespace » Magical Addons For Elementor » Version: 1.1.27

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.27
Wpthemespace » Magical Addons For Elementor » Version: 1.1.28

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.28
Wpthemespace » Magical Addons For Elementor » Version: 1.1.3

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.3
Wpthemespace » Magical Addons For Elementor » Version: 1.1.31

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.31
Wpthemespace » Magical Addons For Elementor » Version: 1.1.33

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.33
Wpthemespace » Magical Addons For Elementor » Version: 1.1.34

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.34
Wpthemespace » Magical Addons For Elementor » Version: 1.1.35

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.35
Wpthemespace » Magical Addons For Elementor » Version: 1.1.37

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.37
Wpthemespace » Magical Addons For Elementor » Version: 1.1.38

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.38
Wpthemespace » Magical Addons For Elementor » Version: 1.1.39

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.39
Wpthemespace » Magical Addons For Elementor » Version: 1.1.4

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.4
Wpthemespace » Magical Addons For Elementor » Version: 1.1.5

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.5
Wpthemespace » Magical Addons For Elementor » Version: 1.1.6

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.6
Wpthemespace » Magical Addons For Elementor » Version: 1.1.7

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.7
Wpthemespace » Magical Addons For Elementor » Version: 1.1.8

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.8
Wpthemespace » Magical Addons For Elementor » Version: 1.1.9

cpe:2.3:a:wpthemespace:magical_addons_for_elementor:1.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5161

Products

Pricing

Contact Us