Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/01 7:33 a.m.12 views

CVE-2025-4943

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00231EPSS
Exploits0References1
Circl
Circl
added 2025/05/30 8:7 a.m.24 views

CVE-2025-4943

creationtimestamp| type| source ---|---|--- 2025-05-30 08:07:30+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqerjzcbzwe2...

6.4CVSS7AI score0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/30 6:42 a.m.15 views

CVE-2025-4943 LA-Studio Element Kit for Elementor <= 1.5.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via data-lakit-element-link Parameter

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00231EPSS
Exploits0References4
CVE
CVE
added 2025/05/30 6:42 a.m.62 views

CVE-2025-4943

The CVE-2025-4943 entry concerns the LA-Studio Element Kit for Elementor WordPress plugin. It describes a Stored Cross-Site Scripting (XSS) vulnerability via the data-lakit-element-link parameter present in all versions up to and including 1.5.2, caused by insufficient input sanitization and outp...

6.4CVSS5.7AI score0.00231EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder