Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider 1.5.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 8, 2024

The Ultimate Store Kit Elementor Addons plugin for WordPress has a security issue in versions 1.5.2 and below. This vulnerability, known as Stored Cross-Site Scripting, occurs because the plugin does not properly filter out harmful code from user input. This means that someone with contributor-level or higher access can insert harmful code into pages, which will then be executed whenever a user visits that page.

Detected in:

Ultimate Store Kit – Addon For WooCommerce, EDD and Elementor fixed vulnerable versions:
Ultimate Store Kit – Elementor powered WooCommerce Builder, 80+ Widgets and Template Builder fixed vulnerable versions: >= * <= 1.5.2

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.