JetWidgets For Elementor < 1.0.9 - Contributor+ Stored XSS
The “JetWidgets For Elementor” WordPress Plugin before 1.0.9 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
We’ve verified that the Headline widget is similarly vulnerable via the "header_size" parameter, and the following widgets also appear to be vulnerable to similar exploits:
Images Layout: "title_html_tag" parameter
Services: "services_title_size" parameter
Team Member: "member_name_html_tag" parameter
These vulnerabilities are nearly identical to the vulnerabilities we have recently disclosed in the main Elementor plugin: https://www.wordfence.com/blog/2021/03/cross-site-scripting-vulnerabilities-in-elementor-impact-over-7-million-sites/
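An added example, not code from the advisory or the plugin: an audit that walks an exported `_elementor_data` post-meta value and flags the four settings named above when they hold anything other than a plain tag name. The storage layout (a JSON list of elements with nested `elements` and per-element `settings`), the allow-list of tags, and the sample data are assumptions constructed for illustration.

```python
import json

# Setting keys named in the advisory.
TAG_SETTINGS = {"header_size", "title_html_tag",
                "services_title_size", "member_name_html_tag"}
# Assumed allow-list of tag names a title/heading control should ever hold.
ALLOWED_TAGS = {"h1", "h2", "h3", "h4", "h5", "h6", "div", "span", "p"}


def audit_elementor_data(raw_json):
    """Return sorted (element_id, setting, value) tuples for every tag
    setting whose stored value is not an allow-listed tag name."""
    data = json.loads(raw_json)
    stack = list(data) if isinstance(data, list) else [data]
    findings = []
    while stack:
        el = stack.pop()
        if not isinstance(el, dict):
            continue
        settings = el.get("settings")
        # Empty settings may be serialized as [] rather than {}; skip those.
        if isinstance(settings, dict):
            for key in TAG_SETTINGS & settings.keys():
                value = settings[key]
                if not (isinstance(value, str) and value.lower() in ALLOWED_TAGS):
                    findings.append((el.get("id"), key, value))
        children = el.get("elements")
        if isinstance(children, list):
            stack.extend(children)
    return sorted(findings, key=lambda f: (str(f[0]), f[1]))


# Constructed sample: one clean widget, two with non-tag values.
SAMPLE = json.dumps([
    {"id": "a1", "elType": "section", "settings": [], "elements": [
        {"id": "b2", "elType": "column", "settings": {}, "elements": [
            {"id": "c3", "elType": "widget",
             "settings": {"header_size": "h2"}, "elements": []},
            {"id": "d4", "elType": "widget",
             "settings": {"title_html_tag": "script"}, "elements": []},
            {"id": "e5", "elType": "widget",
             "settings": {"member_name_html_tag": "h3 data-constructed"},
             "elements": []},
        ]},
    ]},
])

if __name__ == "__main__":
    for element_id, setting, value in audit_elementor_data(SAMPLE):
        print(f"element {element_id}: {setting} = {value!r}")
```

Run it over each post's exported meta value after updating to 1.0.9 or later, since content saved while the vulnerable version was active stays in the database.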