Lucene search
+L

3 matches found

Vulnrichment
Vulnrichment
added 2024/06/15 2:2 a.m.20 views

CVE-2024-4479 Jeg Elementor Kit <= 2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Tabs and JKit - Accordion Widgets

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sggeneraltoggletabenable and sgaccordionstyle attributes within the plugin's JKit - Tabs and JKit - Accordion widget, respectively, in all versions up to, and including, 2.6.5 due to insufficient input...

6.4CVSS5.8AI score0.00401EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/06/15 2:2 a.m.34 views

CVE-2024-4479 Jeg Elementor Kit <= 2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Tabs and JKit - Accordion Widgets

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sggeneraltoggletabenable and sgaccordionstyle attributes within the plugin's JKit - Tabs and JKit - Accordion widget, respectively, in all versions up to, and including, 2.6.5 due to insufficient input...

6.4CVSS0.00401EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/06/15 12:0 a.m.7 views

PT-2024-31250 · WordPress · Jeg Elementor Kit

Name of the Vulnerable Software and Affected Versions: Jeg Elementor Kit plugin for WordPress versions up to, and including, 2.6.5 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the sg general toggle tab enable and sg...

6.4CVSS6.3AI score0.00401EPSS
Exploits0References10
Rows per page
Query Builder