3 matches found
CVE-2024-10324
The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the registercontrols function in widgets/offcanvas-rometheme.php. This makes it possible for authenticated attackers, with Contributor-level access a...
CVE-2024-10324 RomethemeKit For Elementor <= 1.5.2 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the registercontrols function in widgets/offcanvas-rometheme.php. This makes it possible for authenticated attackers, with Contributor-level access a...
CVE-2024-10324
CVE-2024-10324 (RomethemeKit For Elementor, WordPress) is an authenticated information disclosure vulnerability affecting versions up to and including 1.5.2. The flaw resides in the register_controls function of widgets/offcanvas-rometheme.php, enabling attackers with Contributor-level access or ...