CVE-2023-39157

Name of the Vulnerable Software and Affected Versions Crocoblock JetElements For Elementor versions 2.6.10 and earlier

Description The issue is related to an Improper Control of Generation of Code ('Code Injection') vulnerability. This allows for code injection, which can be exploited by attackers. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions 2.6.10 and earlier, update to a version later than 2.6.10 to resolve the issue. As a temporary workaround, consider restricting access to vulnerable components of the JetElements For Elementor plugin until a patch is available.