CVE-2018-18379

Cross Site Scripting (XSS)

Publish date

26th October 2018

Identifier

CVE-2018-18379

Manufacturer

Elementor LTD

Product

Elementor LTD

Patched

Patched on 5th June 2018 in version 2.0.10.

https://elementor.com/pro/changelog/

Authors

Christopher Vella

Description

The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS.

 

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider