3 matches found
RHSA-2024:4479
creationtimestamp| type| source ---|---|--- 2025-04-24 19:06:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13317...
CVE-2024-4479 Jeg Elementor Kit <= 2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Tabs and JKit - Accordion Widgets
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sggeneraltoggletabenable and sgaccordionstyle attributes within the plugin's JKit - Tabs and JKit - Accordion widget, respectively, in all versions up to, and including, 2.6.5 due to insufficient input...
WordPress Jeg Elementor Kit Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)
Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.5 Fixed in 2.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4479 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2abdb6faa663 Credits wesley wcraft Required...