cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10316,https://securityvulnerability.io/vulnerability/CVE-2024-10316,Stratum Widgets Vulnerable to Sensitive Information Exposure,"The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.4 in includes/templates/content-switcher.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.",Wordpress,Stratum – Elementor Widgets,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-11-21T11:02:19.230Z,0
CVE-2024-5611,https://securityvulnerability.io/vulnerability/CVE-2024-5611,Stored Cross-Site Scripting Vulnerability in Elementor Widgets Plugin,"The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘label_years’ attribute within the Countdown widget in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,Stratum – Elementor Widgets,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-06-15T09:43:51.193Z,0