Choijun La-studio Element Kit For Elementor
11 CVEs affecting Choijun La-studio Element Kit For Elementor. Latest disclosed: 2026-01-22. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0920 | Critical | 9.8 | 2026-01-22 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This… |
CVE-2024-10873 | High | 8.8 | 2024-11-23 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the _load_te… |
CVE-2024-5349 | High | 8.8 | 2024-07-02 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_s… |
CVE-2025-8360 | Medium | 6.4 | 2025-09-06 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's widgets in all versions u… |
CVE-2025-4944 | Medium | 6.4 | 2025-05-30 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Compare and Google Maps widget… |
CVE-2025-4943 | Medium | 6.4 | 2025-05-30 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all ve… |
CVE-2025-3106 | Medium | 6.4 | 2025-04-18 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all vers… |
CVE-2024-4431 | Medium | 6.4 | 2024-05-23 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and inc… |
CVE-2024-3005 | Medium | 6.4 | 2024-05-02 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's LaStudioKit Post Author widget in al… |
CVE-2024-2249 | Medium | 6.4 | 2024-03-14 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widget… |
CVE-2024-10787 | Medium | 4.3 | 2024-12-04 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'element… |