Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2022-29455

Published: 13/06/2022 Updated: 27/06/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 385
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Website Builder

Vulnerability Summary

DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

elementor website builder

Github Repositories

https://github.com/brssec/Every-Single-Day-A-Writeup

This repository is a collection of write-ups that I read every single day.

Every Single Day A Write-up This repository contains bunch of write-ups that I read every single day It won't be a challenge and I will keep this repo updated as long as possible I'm open to write-up suggestions via Twitter DM: Barış Yıldızoğlu 🖤 Day Article Category 1 BigQuery SQL Injection Cheat Sheet SQL Injection 2 How I made $10K in bug bounti

https://github.com/tucommenceapousser/CVE-2022-29455

CVE-2022-29455 Wordpress Vulnerability - XSS ( Cross-Site Scripting ) Vulnerability Location add your target here/wp-content/plugins/elementor/assets/js/frontendminjs Vulnerable Version &lt;= 355 versions Proof of Concept (PoC) add your target here/#elementor-action:action=lightbox&amp;settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3Mn

https://github.com/tucommenceapousser/CVE-2022-29455-mass

CVE-2022-29455 Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress Usage : python cve-2022-29455 listtxt [threads]

https://github.com/akhilkoradiya/CVE-2022-29455

Wordpress Vulnerability - XSS ( Cross-Site Scripting )

CVE-2022-29455 Wordpress Vulnerability - XSS ( Cross-Site Scripting ) Vulnerability Location add your target here/wp-content/plugins/elementor/assets/js/frontendminjs Vulnerable Version &lt;= 355 versions Proof of Concept (PoC) add your target here/#elementor-action:action=lightbox&amp;settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3Mn

https://github.com/yaudahbanh/CVE-2022-29455

Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress

CVE-2022-29455 Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress Usage : python cve-2022-29455 listtxt [threads]

https://github.com/varelsecurity/CVE-2022-29455

CVE-2022-29455

CVE-2022-29455 Wordpress Vulnerability - XSS ( Cross-Site Scripting ) Vulnerability Location add your target here/wp-content/plugins/elementor/assets/js/frontendminjs Vulnerable Version &lt;= 355 versions Proof of Concept (Exploit) add your target here/#elementor-action:action=lightbox&amp;settings=eyJ0eXBlIjoidmlkZW8iLCJ1cmwiOiJodHRwOi8vIiwidmlkZW9U

https://github.com/Alchustan/Every-Single-Day-A-Writeup

This repository is a collection of write-ups that I read every single day.

Every Single Day A Write-up This repository contains bunch of write-ups that I read every single day It won't be a challenge and I will keep this repo updated as long as possible I'm open to write-up suggestions via Twitter DM: Barış Yıldızoğlu 🖤 Day Article Category 1 BigQuery SQL Injection Cheat Sheet SQL Injection 2 How I made $10K in bug bounti

References

CWE-79https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-5-5-unauthenticated-dom-based-reflected-cross-site-scripting-xss-vulnerabilityhttps://wordpress.org/plugins/elementor/#developershttps://rotem-bar.com/hacking-65-million-websites-greater-cve-2022-29455-elementorhttps://nvd.nist.govhttps://github.com/brssec/Every-Single-Day-A-Writeup
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook