WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-32241
7.1HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 29 August 2023
What is CVE-2023-32241?
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in the WPDeveloper Essential Addons for Elementor Pro plugin affecting versions 5.4.8 and below. This vulnerability can be exploited by attackers to inject malicious scripts into web pages, potentially compromising the security of user sessions and leading to data theft or unauthorized actions on behalf of the user.
Affected Version(s)
Essential Addons for Elementor Pro <= 5.4.8