Lucene search

CVE-2024-4626 JetWidgets For Elementor <= 1.0.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via layout_type and id Parameters

🗓️ 20 Jun 2024 02:21:08Reported by WordfenceType

JetWidgets For Elementor <= 1.0.17 Stored XS

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Vulnrichment	CVE-2024-4626 JetWidgets For Elementor <= 1.0.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via layout_type and id Parameters	20 Jun 202402:08	–	vulnrichment
CVE	CVE-2024-4626	20 Jun 202402:15	–	cve
RedhatCVE	CVE-2024-4626	23 May 202507:37	–	redhatcve
Patchstack	WordPress JetWidgets For Elementor Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS)	19 Jun 202400:00	–	patchstack
NVD	CVE-2024-4626	20 Jun 202402:15	–	nvd
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)	27 Jun 202415:00	–	wordfence

[
  {
    "vendor": "jetmonsters",
    "product": "JetWidgets For Elementor",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.0.17",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/3103042/jetwidgets-for-elementor/tags/1.0.18/includes/addons/jet-widgets-image-comparison.php
plugins	www.plugins.trac.wordpress.org/changeset/3103042/jetwidgets-for-elementor/tags/1.0.18/includes/addons/jet-widgets-images-layout.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/4457d15e-2c01-498d-b94a-a6e93adcf70c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Jun 2024 02:08Current

CVSS36.4

EPSS0.00079