CVE-2023-34012: WordPress Premium Addons PRO Plugin <= 2.8.24 is vulnerable to Cross Site Scripting (XSS)
First published: Fri Jun 23 2023(Updated: )
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Leap13 Premium Addons For Elementor | <=2.8.24 |
Remedy
Update to 2.8.25 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-34012.
What is the title of this vulnerability?
The title of this vulnerability is 'Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions.'
What is the severity of CVE-2023-34012?
The severity of CVE-2023-34012 is high with a severity value of 6.1.
What software versions are affected by CVE-2023-34012?
The Premium Addons for Elementor Premium Addons PRO plugin versions <= 2.8.24 are affected by CVE-2023-34012.
How do I fix CVE-2023-34012?
To fix CVE-2023-34012, you should update the Premium Addons for Elementor Premium Addons PRO plugin to a version higher than 2.8.24.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/author
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- agent/weakness
- vendor/leap13
- canonical/leap13 premium addons for elementor
- version/leap13 premium addons for elementor/2.8.24