Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/01 7:33 a.m.11 views

CVE-2025-4943

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00231EPSS
Exploits0References1
Circl
Circl
added 2025/05/30 8:7 a.m.24 views

CVE-2025-4943

creationtimestamp| type| source ---|---|--- 2025-05-30 08:07:30+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqerjzcbzwe2...

6.4CVSS7AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2025/05/30 6:42 a.m.61 views

CVE-2025-4943

The CVE-2025-4943 entry concerns the LA-Studio Element Kit for Elementor WordPress plugin. It describes a Stored Cross-Site Scripting (XSS) vulnerability via the data-lakit-element-link parameter present in all versions up to and including 1.5.2, caused by insufficient input sanitization and outp...

6.4CVSS5.7AI score0.00231EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/30 6:42 a.m.15 views

CVE-2025-4943 LA-Studio Element Kit for Elementor <= 1.5.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via data-lakit-element-link Parameter

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00231EPSS
Exploits0References4
Rows per page
Query Builder