CVE-2024-1235

Medium

Low Medium High Critical

6.4

CVSS Score

Published: Feb 29, 2024

Last Modified: Jan 15, 2025

Vulnerability Description

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom class field in all versions up to, and including, 8.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

101 configuration(s) from 1 vendor(s)

addons_for_elementor

Version:

6.9.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.9.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.14

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.14:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.10.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.10.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.9

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.9:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.7.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.7.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.8

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.8:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.9

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.9:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.9.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.9.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.15

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.15:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.0.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.0.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.2.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.2.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.2.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.2.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.1.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.1.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.9.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.9.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.2.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.2.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.7

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.7:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

5.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:5.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

5.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:5.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.7.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.7.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.10

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.10:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.9.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.9.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.9.9

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.9.9:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.12

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.12:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.5.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.5.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.1.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.1.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.9.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.9.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.9.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.9.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.1.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.1.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.8

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.8:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

5.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:5.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.3.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.3.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.9.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.9.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.7.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.7.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

3.0.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:3.0.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.5.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.5.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.3.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.3.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.3.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.3.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.2.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.2.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.9.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.9.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.7.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.7.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.10.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.10.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.01

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.01:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.16

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.16:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.11

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.11:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.2.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.2.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.9

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.9:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.7

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.7:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.9.7

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.9.7:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.7

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.7:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.7

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.7:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

1.2.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:1.2.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.2.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.2.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.6.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.6.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.13

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.13:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.8

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.8:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.2.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.2.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.3.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.3.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.9.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.9.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.7.4

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.7.4:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.5

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.5:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.7.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.7.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.8

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.8:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

4.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:4.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.0.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.0.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.1.6

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.1.6:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

5.1

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:5.1:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

6.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:6.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

7.0

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:7.0:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.2:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

2.3.3

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:2.3.3:*:*:*:*:wordpress:*:*

addons_for_elementor

Version:

8.2.2

CPE:

cpe:2.3:a:livemeshelementor:addons_for_elementor:8.2.2:*:*:*:*:wordpress:*:*

This vulnerability affects 101 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

6.4

out of 10.0

Medium

Key Information

Published Date: February 29, 2024

External Resources

NIST NVD

National Vulnerability Database

CVE Details

Detailed vulnerability info

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages

CVE-2024-1235

Vulnerability Description

CVSS Metrics

Known Affected Software

livemeshelementor

References & Resources

Severity Details

Key Information

External Resources

Related News Articles

Veeam Vulnerabilities Expose Backup Servers to RCE Attacks

Multiple Vulnerabilities Identified in Elastic Products

Weekly Cybersecurity Update: MongoDB Attacks, Wallet Breaches, Android Spyware, and More

Foxit Security Advisory: Multiple Vulnerabilities Identified