2 matches found
WordPress Jeg Elementor Kit Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)
Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.2 Fixed in 2.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1326 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 95ce2c6f1504 Credits RandomRoot Required...
CVE-2024-1326
CVE-2024-1326 : Jeg Elementor Kit for WordPress is vulnerable to Stored Cross-Site Scripting via HTML tag attributes in versions up to 2.6.2 due to insufficient input sanitization/output escaping. Authentication at contributor level or higher is required to inject scripts, which may execute for u...