Jegtheme Jeg Elementor Kit — known CVE vulnerabilities
Every CVE whose affected-product data names Jegtheme Jeg Elementor Kit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2022-3805 — CVSS 8.6 (high): The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in…
CVE-2024-29101 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows…
CVE-2024-32721 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows…
CVE-2024-47390 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme Jeg Elementor Kit…
CVE-2024-1326 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tag attributes in all versions up to, and…
CVE-2024-1327 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's image box widget in all versions…
CVE-2024-3161 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget's attributes in all…
CVE-2024-3162 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget Attributes in all…
CVE-2024-3819 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Banner widget in all…
CVE-2024-4479 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sg_general_toggle_tab_enable and…
CVE-2024-0334 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attribute of a link in several…
CVE-2024-10308 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Countdown widget in all…
CVE-2024-6804 — CVSS 6.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and…
CVE-2022-3794 — CVSS 5.4 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including…
CVE-2024-13217 — CVSS 4.3 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.11 via…
CVE-2024-8899 — CVSS 4.3 (medium): The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via…