Yingning620

**Name of the Vulnerable Software and Affected Versions** Pagekit version 1.0.18 **Description** The issue is related to Cross Site Scripting (XSS) in the "index.php/admin/site/widget" endpoint. This means an attacker could potentially inject malicious scripts into the website, affecting users who visit the compromised page. **Recommendations** For Pagekit version 1.0.18, as a temporary workaround, consider restricting access to the "index.php/admin/site/widget" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.