CVE-2025-9978 | Jeg Kit for Elementor Plugin up to 2.6.x on WordPress SVG File xmlrpc.php cross site scripting (EUVD-2025-35801)

A vulnerability, which was classified as problematic, has been found in Jeg Kit for Elementor Plugin up to 2.6.x on WordPress. Affected is an unknown function of the file xmlrpc.php of the component SVG File Handler. Performing manipulation results in cross site scripting.

This vulnerability is reported as CVE-2025-9978. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More