CVE-2025-4943
- EPSS 0.05%
- Veröffentlicht 30.05.2025 06:42:49
- Zuletzt bearbeitet 04.06.2025 18:31:24
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escapi...
CVE-2024-10873
- EPSS 0.17%
- Veröffentlicht 23.11.2024 05:15:06
- Zuletzt bearbeitet 12.07.2025 00:43:50
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the _load_template function. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-37479
- EPSS 1.05%
- Veröffentlicht 02.07.2024 08:15:06
- Zuletzt bearbeitet 10.07.2025 22:41:24
Local File Inclusion vulnerability in LA-Studio LA-Studio Element Kit for Elementor via "LaStudioKit Progress Bar" widget in New Post, specifically in the "progress_type" attribute.This issue affects LA-Studio Element Kit for Elementor: from n/a thro...
CVE-2024-5349
- EPSS 0.49%
- Veröffentlicht 02.07.2024 05:15:10
- Zuletzt bearbeitet 21.11.2024 09:47:28
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-35725
- EPSS 0.49%
- Veröffentlicht 10.06.2024 08:15:50
- Zuletzt bearbeitet 21.11.2024 09:20:45
Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor.This issue affects LA-Studio Element Kit for Elementor: from n/a through 1.3.6.