CVE-2024-2042
- EPSS 0.23%
- Published 16.03.2024 03:15:07
- Last modified 17.01.2025 19:57:25
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it po...
CVE-2024-1239
- EPSS 0.21%
- Published 16.03.2024 03:15:06
- Last modified 17.01.2025 18:34:30
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blog post read more button in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes i...
CVE-2023-6582
- EPSS 0.46%
- Published 11.01.2024 09:15:49
- Last modified 21.11.2024 08:44:08
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekit_widgetarea_content function. This makes it possible for unauthenticated attackers to obtain...
CVE-2021-24258
- EPSS 0.22%
- Published 05.05.2021 19:15:07
- Last modified 21.11.2024 05:52:42
The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.