Crocoblock Jetwidgets_for_elementor

7 CVEs affecting Crocoblock Jetwidgets_for_elementor. Latest disclosed: 2024-11-12. Critical: 0, High: 0.

Top CVEs affecting Crocoblock Jetwidgets_for_elementor
CVESeverityScorePublishedSummary
CVE-2024-10323Medium6.42024-11-12The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and includi…
CVE-2024-4626Medium6.42024-06-20The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘layout_type’ and 'id' parameters in all versions up to…
CVE-2024-2507Medium6.42024-04-09The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget button URL in all versions up to, and including…
CVE-2024-2138Medium6.42024-04-09The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Animated Box widget in all versions up to, and including…
CVE-2023-0034Medium5.42023-02-13The JetWidgets For Elementor WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in a page…
CVE-2023-0086Medium5.42023-01-05The JetWidgets for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.12. This is due to missing…
CVE-2021-24268Medium5.42021-05-05The “JetWidgets For Elementor” WordPress Plugin before 1.0.9 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged u…