Choijun La-studio Element Kit For Elementor

11 CVEs affecting Choijun La-studio Element Kit For Elementor. Latest disclosed: 2026-01-22. Critical: 1, High: 2.

Top CVEs affecting Choijun La-studio Element Kit For Elementor
CVESeverityScorePublishedSummary
CVE-2026-0920Critical9.82026-01-22The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This…
CVE-2024-10873High8.82024-11-23The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the _load_te…
CVE-2024-5349High8.82024-07-02The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_s…
CVE-2025-8360Medium6.42025-09-06The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's widgets in all versions u…
CVE-2025-4944Medium6.42025-05-30The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Compare and Google Maps widget…
CVE-2025-4943Medium6.42025-05-30The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all ve…
CVE-2025-3106Medium6.42025-04-18The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all vers…
CVE-2024-4431Medium6.42024-05-23The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and inc…
CVE-2024-3005Medium6.42024-05-02The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's LaStudioKit Post Author widget in al…
CVE-2024-2249Medium6.42024-03-14The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LinkWrapper attribute found in several widget…
CVE-2024-10787Medium4.32024-12-04The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'element…