Primary

Context

Jeg Elementor Kit Sensitive Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability allowing sensitive information exposure has been identified in the Jeg Elementor Kit plugin for WordPress, affecting all versions through 2.6.11. This vulnerability arises in the 'expired_data' and 'build_content' functions, enabling authenticated attackers with Contributor-level access and above to access private, pending, scheduled, and draft template data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive template data, including private, pending, scheduled, and draft content.

Remediation

Users are advised to update the Jeg Elementor Kit plugin to version 2.6.12 or a newer patched version.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

6.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

2.5

exploitability

6.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Jeg Elementor Kit Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Jeg Elementor Kit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating