7 matches found
CVE-2026-6916
The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sgcontentnumberprefix' parameter in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output...
CVE-2026-6916
The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sgcontentnumberprefix' parameter in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output...
CVE-2026-6916 Jeg Kit for Elementor <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sg_content_number_prefix' Shortcode Attribute
The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sgcontentnumberprefix' parameter in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output...
CVE-2025-9978
The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...
CVE-2025-9978
The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...
EUVD-2025-35801
The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...
PT-2025-43583
Name of the Vulnerable Software and Affected Versions Jeg Kit for Elementor WordPress plugin versions prior to 2.7.0 Description The Jeg Kit for Elementor WordPress plugin does not properly sanitize SVG file contents when uploaded through the xmlrpc.php file, which can result in a cross-site...