CVE-2024-2042
- EPSS 0.3%
- Veröffentlicht 16.03.2024 03:15:07
- Zuletzt bearbeitet 08.04.2026 19:20:58
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Accordion widget in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it po...
CVE-2024-1239
- EPSS 0.21%
- Veröffentlicht 16.03.2024 03:15:06
- Zuletzt bearbeitet 08.04.2026 17:18:17
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blog post read more button in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes i...
CVE-2023-6582
- EPSS 0.62%
- Veröffentlicht 11.01.2024 09:15:49
- Zuletzt bearbeitet 08.04.2026 19:18:57
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekit_widgetarea_content function. This makes it possible for unauthenticated attackers to obtain...
CVE-2021-24258
- EPSS 0.22%
- Veröffentlicht 05.05.2021 19:15:07
- Zuletzt bearbeitet 21.11.2024 05:52:42
The Elements Kit Lite and Elements Kit Pro WordPress Plugins before 2.2.0 have a number of widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.