Knani Alaaeddine

Name of the Vulnerable Software and Affected Versions O plugin Royal Addons for Elementor para WordPress versões até 1.7.1049 Description O plugin Royal Addons for Elementor para WordPress é suscetível a Cross-Site Scripting Persistente através do parâmetro `button text` devido à sanitização e escape de saída inadequados. Isso permite que atacantes autenticados com acesso de nível de colaborador ou superior injetem scripts web arbitrários em páginas. Esses scripts serão executados quando um usuário acessar a página afetada. Recommendations Atualize o plugin Royal Addons for Elementor para uma versão posterior a 1.7.1049.

Name of the Vulnerable Software and Affected Versions ElementsKit Elementor Addons and Templates versões até 3.7.9 Description O plugin ElementsKit Elementor Addons and Templates para WordPress é suscetível a Cross-Site Scripting Persistente (XSS). A questão se deve à sanitização e escape de saída insuficientes em atributos fornecidos pelo usuário. Especificamente, o parâmetro 'ekit tab title' dentro do widget Simple Tab é vulnerável. Atacantes autenticados com acesso de nível de colaborador ou superior podem injetar scripts web arbitrários em páginas. Esses scripts serão executados quando um usuário acessar a página afetada. Recommendations Atualize o ElementsKit Elementor Addons and Templates para uma versão superior a 3.7.9.

**Name of the Vulnerable Software and Affected Versions** Essential Addons for Elementor versions up to and including 6.5.9 **Description** The Essential Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping on user-supplied attributes within the plugin’s Info Box widget. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page. **Recommendations** Update Essential Addons for Elementor to a version later than 6.5.9.

**Name of the Vulnerable Software and Affected Versions** ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions through 5.9.7.2 **Description** The ProfileGrid plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This is due to the `update user meta()` function being called without proper user authorization checks in the files public/partials/crop.php and public/partials/coverimg crop.php. Authenticated attackers with Subscriber-level access or higher can modify profile pictures or cover images of any user, including administrators, through the 'pm upload image' and 'pm upload cover image' AJAX actions. **Recommendations** Versions prior to 5.9.7.2 should be updated.

**Name of the Vulnerable Software and Affected Versions** Happy Addons for Elementor plugin versions up to and including 3.20.7 **Description** The Happy Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping in the ` elementor data` meta field. Authenticated attackers with Contributor-level access or higher can inject malicious web scripts into pages. These scripts will then execute whenever a user accesses the compromised page. **Recommendations** Update the Happy Addons for Elementor plugin to a version later than 3.20.7.