LA-Studio Element Kit for Elementor
LA-Studio
Developer
1.6.0
Latest version
10,000
Installations
No date
Last updated
Vulnerability history
0 present
18 patched
3 Mitigation rules
- Authenticated (Contributor+) Local File Inclusion vulnerability<= 1.3.8.102/02/2026
- Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter vulnerability<= 1.5.6.321/01/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via Table of Contents Widget vulnerability<= 1.4.931/12/2025
- Broken Access Control vulnerability< 1.5.6.315/12/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability<= 1.5.5.106/09/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Image Compare and Google Maps Widgets vulnerability<= 1.5.230/05/2025
- Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via data-lakit-element-link Parameter vulnerability<= 1.5.230/05/2025
- Cross Site Scripting (XSS) vulnerability<= 1.5.104/04/2025
- Authenticated (Contributor+) Post Disclosure vulnerability<= 1.4.403/12/2024
- Authenticated (Contributor+) Local File Inclusion vulnerability<= 1.4.222/11/2024
- Cross Site Scripting (XSS) vulnerability<= 1.3.9.330/09/2024
- Cross Site Scripting (XSS) vulnerability<= 1.3.9.209/08/2024
- Local File Inclusion vulnerability<= 1.3.8.102/07/2024
- Broken Access Control vulnerability<= 1.3.606/06/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 1.3.7.623/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via LaStudioKit Post Author Widget vulnerability<= 1.3.7.503/05/2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 1.3.7.414/03/2024
- Broken Access Control vulnerability<= 1.1.526/12/2023