Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress, with AI-generated Chinese analysis, references, and POCs.

Vendor: jegtheme

CVE IDTitleCVSSSeverityPublished
CVE-2025-14275 Jeg Elementor Kit <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget CWE-79 6.4 Medium2026-01-08
CVE-2025-2944 Jeg Elementor Kit <= 2.6.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Button and Countdown Widgets CWE-79 6.4 Medium2025-05-10
CVE-2024-13217 Jeg Elementor Kit <= 2.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via Countdown and Off-Canvas CWE-359 4.3 Medium2025-02-27
CVE-2024-10308 Jeg Elementor Kit <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Countdown Widget CWE-79 6.4 Medium2024-11-26
CVE-2024-8899 Jeg Elementor Kit <= 2.6.9 - Authenticated (Contributor+) Sensitive Information Exposure via sg_content_template CWE-200 4.3 Medium2024-11-26
CVE-2024-6804 Jeg Elementor Kit <= 2.6.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File CWE-79 6.4 Medium2024-08-27
CVE-2024-4479 Jeg Elementor Kit <= 2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Tabs and JKit - Accordion Widgets CWE-79 6.4 Medium2024-06-15
CVE-2024-3161 Jeg Elementor Kit <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget CWE-79 6.4 Medium2024-05-02
CVE-2024-3819 Jeg Elementor Kit <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Banner CWE-79 6.4 Medium2024-05-02
CVE-2024-0334 Jeg Elementor Kit <= 2.6.4 - Authenticated (Contributor+) Cross-Site Scripting via Elementor Widget URL Custom Attributes CWE-79 6.4 Medium2024-05-01
CVE-2024-3162 Jeg Elementor Kit <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial CWE-87 6.4 Medium2024-04-03
CVE-2024-1327 Jeg Elementor Kit <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box CWE-79 6.4 Medium2024-04-03
CVE-2024-1326 Jeg Elementor Kit <= 2.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags CWE-79 6.4 Medium2024-03-12
CVE-2022-3794 Jeg Elementor Kit <= 2.5.6 - Authorization Bypass CWE-639 5.4 Medium2022-12-22
CVE-2022-3805 Jeg Elementor Kit <= 2.5.6 - Unauthenticated Authorization Bypass CWE-639 8.6 High2022-12-22

All 15 known CVE vulnerabilities affecting Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress with full Chinese analysis, references, and POCs where available.