CVE-2024-13217

by Fred · 27/02/2025

The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.11 via the ‘expired_data’ and ‘build_content’ functions. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, scheduled, and draft template data.

More information : https://plugins.trac.wordpress.org/browser/jeg-elementor-kit/trunk/class/elements/views/class-countdown-view.php#L107

CVE-2024-13217

Similar

Recent Posts

Categories

CVE-2024-13217

Share this:

Similar

Recent Posts

Categories

Tags