Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Elespare – News, Magazine and Blog Elements & Blog Addons for Elementor with Header Footer Builder. One Click Import: No Coding Required! 3.1.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: June 12, 2024

The Elespare plugin for WordPress, which allows users to add different elements to their website, has a security vulnerability. This means that someone with contributor-level access or higher can add harmful scripts to certain pages, which will then run whenever someone visits that page. This issue affects all versions of the plugin up to version 3.1.2.

Detected in:

EleSpare – Elementor Addons for News, Magazine & Blog Sites | 500+ Drag & Drop Templates, Header & Footer Builder, Post Grids, Sliders, Carousels, Lists, Tiles & More fixed vulnerable versions:
Elespare – News, Magazine and Blog Elements & Blog Addons for Elementor with Header Footer Builder. One Click Import: No Coding Required! fixed vulnerable versions: >= * <= 3.1.2
EleSpare — News, Magazine and Blog Addons for Elementor fixed vulnerable versions:
Elespare: Complete Elementor Blog Addons – Post Grids, Sliders, Templates, Header/Footer Builder & Starter Site Imports fixed vulnerable versions:
EleSpare: Dynamic Elementor Addons for News, Blogs & Magazines – 35+ Post Grids, Sliders, Carousels, Lists & Tiles, 350+ Templates, Header/Footer Builder & Fast Import fixed vulnerable versions:
Elespare: Ultimate Blog Addons for Elementor fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.