Jegtheme Jeg Kit For Elementor – Powerful Addons For Elementor, Widgets & Templates For Wordpress
16 CVEs affecting Jegtheme Jeg Kit For Elementor – Powerful Addons For Elementor, Widgets & Templates For Wordpress. Latest disclosed: 2026-05-02. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-3805 | High | 8.6 | 2022-12-22 | The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and… |
CVE-2026-6916 | Medium | 6.4 | 2026-05-02 | The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting… |
CVE-2025-14275 | Medium | 6.4 | 2026-01-08 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.0.1 due to insufficient input s… |
CVE-2025-2944 | Medium | 6.4 | 2025-05-10 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up… |
CVE-2024-10308 | Medium | 6.4 | 2024-11-26 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Countdown widget in all versions up to, and inc… |
CVE-2024-6804 | Medium | 6.4 | 2024-08-27 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.7 due to… |
CVE-2024-4479 | Medium | 6.4 | 2024-06-15 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the sg_general_toggle_tab_enable and sg_accordion_style attributes… |
CVE-2024-3161 | Medium | 6.4 | 2024-05-02 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget's attributes in all versions up to, and includ… |
CVE-2024-3819 | Medium | 6.4 | 2024-05-02 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's JKit - Banner widget in all versions up to, and includ… |
CVE-2024-0334 | Medium | 6.4 | 2024-05-01 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attribute of a link in several Elementor widgets in all… |
CVE-2024-3162 | Medium | 6.4 | 2024-04-03 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget Attributes in all versions up to, and includ… |
CVE-2024-1327 | Medium | 6.4 | 2024-04-03 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's image box widget in all versions up to, and including… |
CVE-2024-1326 | Medium | 6.4 | 2024-03-12 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tag attributes in all versions up to, and including, 2.6.2 due… |
CVE-2022-3794 | Medium | 5.4 | 2022-12-22 | The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including, 2.5.6. Authenticate… |
CVE-2024-13217 | Medium | 4.3 | 2025-02-27 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.11 via the 'expired_data'… |
CVE-2024-8899 | Medium | 4.3 | 2024-11-26 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the render_content f… |