CVE-2024-13548 | dotrex Power Ups for Elementor Plugin up to 1.2.2 on WordPress Shortcode magic-button cross site scripting

Posted by Angelo Barbosa | Jan 25, 2025 | CVE

A vulnerability has been found in dotrex Power Ups for Elementor Plugin up to 1.2.2 on WordPress and classified as problematic. This vulnerability affects the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-13548. The attack can be initiated remotely. There is no exploit available.

CVE-2024-13548 | dotrex Power Ups for Elementor Plugin up to 1.2.2 on WordPress Shortcode magic-button cross site scripting

Related Posts

CVE-2024-44191 | Apple tvOS Bluetooth improper authorization

CVE-2024-10479 | LinZhaoguan pb-cms up to 2.0.1 Theme Management Module /admin#themes cross site scripting (IAYHUP)

CVE-2024-45318 | SonicWall SMA100 up to 10.2.1.13-72sv Web Management Interface stack-based overflow (SNWLID-2024-0018)

CVE-2024-2414 | Movistar Router 4G S_WLD71-T1_v2.0.201820 unprotected primary channel