{
  "variant_id": "jetwidgets-pricing-table-features-item-text-xss-bypass-1.0.22",
  "created_at": "2026-07-02T18:00:00Z",
  "variant_summary": "Stored XSS bypass in JetWidgets For Elementor 1.0.22, a newer-version sibling of the issue submitted against 1.0.21: the Pricing Table widget's features_list/item_text setting is rendered through __loop_item() without output escaping, so an author can store <script> tags that execute in the browser of any visitor to the published page.",
  "relation": "newer_version_sibling",
  "origin_kind": "pruva_variant",
  "repository": "jetmonsters/jetwidgets-for-elementor",
  "submitted_target": {
    "target_kind": "wordpress_plugin_version",
    "version": "1.0.21",
    "ref": "tags/1.0.21",
    "display": "JetWidgets For Elementor 1.0.21 (WordPress.org SVN)"
  },
  "variant_target": {
    "target_kind": "wordpress_plugin_version",
    "commit_sha": "3594346",
    "version": "1.0.22",
    "ref": "tags/1.0.22",
    "display": "JetWidgets For Elementor 1.0.22 (WordPress.org SVN revision 3594346)"
  },
  "same_root_cause_confidence": "high",
  "same_surface_confidence": "medium",
  "claimed_surface": "viewer_document",
  "validated_surface": "viewer_document",
  "required_entrypoint_kind": "wordpress_page",
  "required_entrypoint_detail": "published WordPress page containing a JetWidgets Pricing Table widget with a malicious features_list item_text",
  "attacker_controlled_input": "pricing_table features_list repeater item_text field containing raw HTML such as <script>alert(1)</script>",
  "trigger_path": "published WordPress page rendered by Elementor + JetWidgets Pricing Table widget",
  "observed_impact_class": "stored cross-site scripting (XSS)",
  "exploitability_confidence": "high",
  "evidence_scope": "production_path",
  "runtime_manifest_present": true,
  "end_to_end_target_reached": true,
  "inferred": false,
  "file_path": "templates/jw-pricing-table/global/features-loop-item.php",
  "line_start": 13,
  "line_end": 13,
  "secondary_anchors": [
    {
      "file_path": "includes/base/class-jet-widgets-base.php",
      "line_start": 144,
      "line_end": 163
    },
    {
      "file_path": "includes/addons/jet-widgets-pricing-table.php",
      "line_start": 267,
      "line_end": 272
    },
    {
      "file_path": "includes/addons/jet-widgets-pricing-table.php",
      "line_start": 289,
      "line_end": 313
    }
  ],
  "review_scope_paths": [
    "templates/jw-pricing-table/global/features-loop-item.php",
    "templates/jw-pricing-table/global/heading.php",
    "templates/jw-pricing-table/global/price.php",
    "templates/jw-pricing-table/global/action.php",
    "templates/jw-pricing-table/global/button.php",
    "includes/base/class-jet-widgets-base.php",
    "includes/addons/jet-widgets-pricing-table.php"
  ],
  "artifact_refs": {
    "variant_manifest": "vuln_variant/variant_manifest.json",
    "validation_verdict": "vuln_variant/validation_verdict.json",
    "runtime_manifest": "vuln_variant/runtime_manifest.json",
    "repro_log": "logs/vuln_variant/variant_reproduction.log",
    "root_cause_equivalence": "vuln_variant/root_cause_equivalence.json",
    "reproducer": [
      "vuln_variant/reproduction_steps.sh"
    ]
  }
}
