Exploit for #VU65734 DOM-based cross-site scripting in Elementor Page Builder

Published: 2022-07-24 | Updated: 2023-03-22

Vulnerability identifier: #VU65734

Vulnerability risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-29455

CWE-ID: CWE-79

Exploitation vector: Network

Exploits in database: 6

March 22, 2023
- CVE-2022-29455 (Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress) [Github]
February 12, 2023
- CVE-2022-29455 (CVE-2022-29455) [Github]
November 28, 2022
- CVE-2022-29455 (DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions. ) [Github]
September 5, 2022
- CVE-2022-29455 (Wordpress Vulnerability - XSS ( Cross-Site Scripting )) [Github]
August 31, 2022
- cve-2022-29455 (cve-2022-29455 elementor wordpress plugin xss exploit) [Github]
July 24, 2022
- Wordpress_xss-CVE-2022-29455 () [Github]

Impact: Information disclosure and data manipulation

Vulnerable software:
Elementor Page Builder
Web applications / Modules and components for CMS

Vendor: Elementor.com