CVE-2018-18379

Cross Site Scripting (XSS)

Publish date

26th October 2018

Identifier

CVE-2018-18379

Manufacturer

Elementor LTD

Product

Elementor LTD

Patched

Patched on 5th June 2018 in version 2.0.10.

https://elementor.com/pro/changelog/

Authors

Christopher Vella

Description

The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS.

CBEST
CREST STAR
CHECK IT Health Check Service
CREST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
Allianz für Cyber-Sicherheit