253 matches found
CVE-2024-53774
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jakub Glos Sparkle Elementor Kit sparkle-elementor-kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through = 2.0.9...
CVE-2024-53774
CVE-2024-53774 is a DOM-based XSS in the Sparkle Elementor Kit for WordPress, caused by improper input neutralization during web page generation. Affected: Sparkle Elementor Kit versions up to and including 2.0.9. The vulnerability enables cross-site scripting via user input during page rendering...
CVE-2024-53774 WordPress Sparkle Elementor Kit plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sparkle WP Sparkle Elementor Kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through 2.0.9...
CVE-2024-53774 WordPress Sparkle Elementor Kit plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jakub Glos Sparkle Elementor Kit sparkle-elementor-kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through = 2.0.9...
WordPress plugin Sparkle Elementor Kit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-35886 · WordPress · Sparkle Wp Sparkle Elementor Kit
Name of the Vulnerable Software and Affected Versions: Sparkle WP Sparkle Elementor Kit versions through 2.0.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This is a Cross-site...
WordPress Sparkle Elementor Kit plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Sparkle Elementor Kit versions = 2.0.9...
CVE-2024-8899
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the rendercontent function in class/elements/views/class-tabs-view.php. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2024-10308
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Countdown widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-10308
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Countdown widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-8899 Jeg Elementor Kit <= 2.6.9 - Authenticated (Contributor+) Sensitive Information Exposure via sg_content_template
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the rendercontent function in class/elements/views/class-tabs-view.php. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress plugin Jeg Elementor Kit 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information...
WordPress plugin Jeg Elementor Kit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
PT-2024-39307 · WordPress · Jeg Elementor Kit
Name of the Vulnerable Software and Affected Versions: Jeg Elementor Kit plugin for WordPress versions up to, and including, 2.6.9 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive private, pending, and draft template data. This is...
WordPress Jeg Elementor Kit plugin <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Countdown Widget vulnerability
WordPress Jeg Elementor Kit plugin = 2.6.9 - Authenticated Contributor+ Stored Cross-Site Scripting via JKit - Countdown Widget vulnerability discovered by zer0gh0st in WordPress Plugin Jeg Elementor Kit versions = 2.6.9...
WordPress Jeg Elementor Kit plugin <= 2.6.9 - Authenticated (Contributor+) Sensitive Information Exposure via sg_content_template vulnerability
Authenticated Contributor+ Sensitive Information Exposure via sgcontenttemplate vulnerability discovered by Ankit Patel in WordPress Plugin Jeg Elementor Kit versions = 2.6.9...
WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Sensitive Data Exposure
Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8899 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a83345ae77b9 Credits Ankit Patel Required...
WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Cross Site Scripting (XSS)
Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10308 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7709d157b72c Credits zer0gh0st Required...
CVE-2024-51856
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ibllex Moose Elementor Kit moose-elementor-kit allows DOM-Based XSS.This issue affects Moose Elementor Kit: from n/a through = 1.0.0...
CVE-2024-51856 WordPress Moose Elementor Kit plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ibllex Moose Elementor Kit moose-elementor-kit allows DOM-Based XSS.This issue affects Moose Elementor Kit: from n/a through = 1.0.0...