Lucene search

Sitekit Security Vulnerabilities

cve

CVE-2024-29111

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webvitaly Sitekit allows Stored XSS.This issue affects Sitekit: from n/a through...

6.5CVSS

7.2AI Score

0.0004EPSS

2024-03-19 03:15 PM

cve

CVE-2023-5071

The Sitekit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sitekit_iframe' shortcode in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and...

5.4CVSS

6.2AI Score

0.001EPSS

2023-10-20 07:15 AM

cve

CVE-2023-27628

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Webvitaly Sitekit plugin <= 1.3...

5.4CVSS

5.5AI Score

0.0004EPSS

2023-09-27 03:18 PM