Vulnerabilities

CVE-2025-9978

by Fred · 24/10/2025

The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability.

More information : https://wpscan.com/vulnerability/cef78a77-c66d-4d62-8d49-140ca2d04d5b/

Similar

Tags: Cybersecurity Alert