WidgetKit — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in WidgetKit, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-49074	WordPress WidgetKit plugin <= 2.5.4 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2025-06-06
CVE-2024-37428	WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-07-22
CVE-2024-34548	WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-05-08
CVE-2024-33908	WordPress WidgetKit plugin <= 2.5.0 - Broken Access Control vulnerability CWE-862	5.3	Medium	2024-05-06

All 4 known CVE vulnerabilities affecting WidgetKit with full Chinese analysis, references, and POCs where available.