Vulnerability history

Authenticated (Contributor+) Cross-Site Scripting via Elementor Widget URL Custom Attributes vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Author+ Stored XSS vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Video Button and Countdown Widgets vulnerability

Authenticated (Contributor+) Sensitive Information Exposure via Countdown and Off-Canvas vulnerability

WordPress Jeg Elementor Kit plugin <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Countdown Widget vulnerability

Authenticated (Contributor+) Sensitive Information Exposure via sg_content_template vulnerability

Cross Site Scripting (XSS) vulnerability

Authenticated (Author+) Stored Cross-Site Scripting via SVG File vulnerability

Authenticated Stored Cross-Site Scripting vulnerability

WordPress Jeg Elementor Kit plugin <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Banner vulnerability

Cross Site Scripting (XSS) vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box andTestimonial vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags vulnerability

Cross Site Scripting (XSS) vulnerability

Unauthenticated Settings Update vulnerability

Subscriber+ Authorization Bypass vulnerability