jeg elementor xss vulnerability

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter carlidev

    (@carlidev)

    Complement : If we go to jeg elementor -> widget -> disable everything, the result is the same. The plugin only needs to be active to have the vulnerability

    Thread Starter carlidev

    (@carlidev)

    we notice the problem locally more easily, once online, the default firewalls of the hosts protect us a little more. there is an xss vulnerability, I have not tested sql injection to see if the presence of the plugin lowers security by default. This would be worth checking

    Plugin Author Fauzan Jegstudio

    (@fauzanjegstudio)

    Hello @carlidev,

    Thank you for informing us; we truly appreciate it.

    We also apologize for any inconvenience caused by this issue.

    We have addressed this problem and will soon update it on wp.org. If you wish to apply the fix immediately, you can add the code from the link below to your site’s functions.php.

    Pastebin: https://pastebin.com/yG5fdmSg

    We hope you can await the update.

    Thank You

    Plugin Author Fauzan Jegstudio

    (@fauzanjegstudio)

    Hello @carlidev,

    How are you?

    We would like to inform you that we have updated the Jeg Elementor Kit, and the fix for this issue has been included in it. Therefore, we will mark this topic as resolved.

    If you have any other concerns to report, please feel free to create a new topic.

    Thank You

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘jeg elementor xss vulnerability’ is closed to new replies.

Tags