WordPress JetElements For Elementor Plugin <= 2.6.10 is vulnerable to Remote Code Execution (RCE)
CVE-2023-39157
9CRITICAL
What is CVE-2023-39157?
A Code Injection vulnerability exists in the Crocoblock JetElements plugin for Elementor, allowing an attacker to execute arbitrary code due to improper validation within the application. This weakness affects versions from n/a to 2.6.10, posing significant risks to websites using this plugin. If exploited, this vulnerability could enable attackers to gain unauthorized control over affected installations.
Affected Version(s)
JetElements For Elementor <= 2.6.10