3 matches found
CVE-2025-0371
creationtimestamp| type| source ---|---|--- 2025-01-21 08:32:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113865413956449112 2025-01-21 09:01:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2377 2025-01-21 09:16:02+00:00| seen|...
CVE-2025-0371 Jet Elements <= 2.7.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.7.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...
CVE-2025-0371 Jet Elements <= 2.7.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.7.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...