Product:

Sitekit

(Sitekit_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 2
Date Id Summary Products Score Patch Annotated
2023-10-20 CVE-2023-5071 The Sitekit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sitekit_iframe' shortcode in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Sitekit 5.4
2023-09-27 CVE-2023-27628 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Webvitaly Sitekit plugin <= 1.3 versions. Sitekit 5.4