CVE-2026-3034 | OoohBoi Steroids for Elementor Plugin up to 2.1.24 on WordPress URL Parameter cross site scripting

Inserito da Angelo Barbosa | Mar 4, 2026 | CVE

A vulnerability labeled as problematic has been found in OoohBoi Steroids for Elementor Plugin up to 2.1.24 on WordPress. This vulnerability affects unknown code of the component URL Parameter Handler. Executing a manipulation of the argument _ob_spacerat_link/_ob_bbad_link/_ob_teleporter_link can lead to cross site scripting.

This vulnerability is handled as CVE-2026-3034. The attack can be executed remotely. There is not any exploit available.

CVE-2026-3034 | OoohBoi Steroids for Elementor Plugin up to 2.1.24 on WordPress URL Parameter cross site scripting

Post correlati

CVE-2024-44263 | Apple iOS/iPadOS up to 18.0 state issue

CVE-2025-8127 | deerwms deer-wms-2 up to 3.3 /system/user/list params[dataScope] sql injection (ICLQT8)

CVE-2024-3771 | PHPGurukul Student Record System 3.20 /edit-subject.php sub1/sub2/sub3/sub4/udate sql injection

CVE-2024-13564 | apollo13themes Rife Elementor Extensions & Templates Plugin up to 1.2.5 on WordPress Shortcode cross site scripting