7 matches found
CVE-2025-2944
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up to, and including, 2.6.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2025-2944
creationtimestamp| type| source ---|---|--- 2025-05-10 06:26:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15885 2025-05-10 06:31:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loscyi2kh32e 2025-05-10 06:58:57+00:00| seen|...
CVE-2025-2944
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up to, and including, 2.6.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2025-2944
CVE-2025-2944 affects Jeg Elementor Kit (WordPress) up to v2.6.12. Vulnerability: Stored Cross-Site Scripting via Video Button and Countdown Widgets caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authenticated access at contributor...
CVE-2025-2944 Jeg Elementor Kit <= 2.6.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Button and Countdown Widgets
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up to, and including, 2.6.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2025-2944 Jeg Elementor Kit <= 2.6.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Button and Countdown Widgets
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up to, and including, 2.6.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
WordPress Jeg Elementor Kit plugin <= 2.6.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Button and Countdown Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Video Button and Countdown Widgets vulnerability discovered by zer0gh0st in WordPress Plugin Jeg Elementor Kit versions = 2.6.12...