Brainstormforce Elementor Header & Footer Builder — known CVE vulnerabilities
Every CVE whose affected-product data names Brainstormforce Elementor Header & Footer Builder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-1237 — CVSS 6.4 (medium): The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyout_layout attribute in…
CVE-2024-10325 — CVSS 6.4 (medium): The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in…
CVE-2024-11230 — CVSS 6.4 (medium): The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all…
CVE-2024-2618 — CVSS 6.4 (medium): The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the size attribute in all…
CVE-2024-4634 — CVSS 6.4 (medium): The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hfe_svg_mime_types’…
CVE-2024-2619 — CVSS 5.0 (medium): The Elementor Header & Footer Builder for WordPress is vulnerable to HTML Injection in all versions up to, and including, 1.6.26 due to…
CVE-2024-10050 — CVSS 4.3 (medium): The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including…