João G. Barbosa

**Name of the Vulnerable Software and Affected Versions** Themesflat Addons For Elementor plugin for WordPress versions up to, and including, 2.1.1 **Description** The issue is related to Stored Cross-Site Scripting via widget tags due to insufficient input sanitization and output escaping on user-supplied attributes. This allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 2.1.1, update to a version later than 2.1.1 to resolve the issue. As a temporary workaround, consider restricting access to widget tags to minimize the risk of exploitation. Additionally, ensure that all user-supplied attributes are properly sanitized and escaped to prevent arbitrary web script injection.

**Name of the Vulnerable Software and Affected Versions** Elegant Addons for elementor plugin for WordPress version 1.0.8 and earlier **Description** The issue is related to Stored Cross-Site Scripting via the plugin's widgets due to insufficient input sanitization and output escaping on user-supplied tag attributes. This allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. **Recommendations** For versions up to and including 1.0.8, update to a version later than 1.0.8 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress versions up to, and including, 2.0.6.0 **Description** The issue is related to Stored Cross-Site Scripting via the `title html tag` attribute due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 2.0.6.0: Update the plugin to the latest patched version immediately. As a temporary workaround, consider restricting access to the `title html tag` attribute until a patch is available.

**Name of the Vulnerable Software and Affected Versions** The Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress versions up to, and including, 3.3.2 **Description** The issue is related to Stored Cross-Site Scripting via the `title tag` parameter due to insufficient input sanitization and output escaping. This allows authenticated attackers with author-level access and above to inject arbitrary web scripts in pages, which will execute when a user accesses an injected page. **Recommendations** For versions up to, and including, 3.3.2, update to a version that addresses the insufficient input sanitization and output escaping issue to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting access to the `title tag` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** The Magical Addons For Elementor plugin versions up to, and including, 1.1.37 **Description** The issue is related to Stored Cross-Site Scripting via the plugin's text effect widget due to insufficient input sanitization and output escaping on user-supplied attributes. This allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 1.1.37, update to a version higher than 1.1.37 to resolve the issue. As a temporary workaround, consider restricting access to the text effect widget for users with contributor-level access and above until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress versions up to, and including, 1.4.4.1 **Description** The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'Heading' widgets. This allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages. These scripts will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 1.4.4.1, update to a version that addresses the insufficient input sanitization and output escaping issue in the 'Heading' widgets.

**Name of the Vulnerable Software and Affected Versions** Creative Addons for Elementor plugin for WordPress versions up to, and including, 1.5.12 **Description** The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's widgets, allowing authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages. These scripts will execute whenever a user accesses an injected page. **Recommendations** For versions up to, and including, 1.5.12, update to a version higher than 1.5.12 to resolve the issue. As a temporary workaround, consider restricting access to the plugin's widgets for users with contributor-level access and above until a patch is available.