The ElementsKit plugin for WordPress has a security issue that allows attackers to inject harmful code into website pages. This can occur when using the image comparison widget and its labels, and affects all versions up to 3.5.2. It is possible for authenticated attackers with contributor-level access or higher to do this.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
