Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:28 a.m.14 views

CVE-2024-5418

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.8AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2024/05/31 3:15 a.m.34 views

CVE-2024-5418

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.9AI score0.00321EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/05/31 2:41 a.m.16 views

CVE-2024-5418 DethemeKit For Elementor <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slitems Attribute

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.8AI score0.00321EPSS
Exploits0References5
CVE
CVE
added 2024/05/31 2:41 a.m.67 views

CVE-2024-5418

CVE-2024-5418 : The DethemeKit For Elementor WordPress plugin has a Stored Cross-Site Scripting (XSS) flaw in the De Product Tab & Slide widget via the slitems attribute. The issue affects all versions up to 2.1.4 due to insufficient input sanitization and output escaping for user-supplied attrib...

6.4CVSS5.9AI score0.00321EPSS
Exploits0References5Affected Software1
Patchstack
Patchstack
added 2024/05/31 12:0 a.m.20 views

WordPress DethemeKit For Elementor Plugin <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)

Software DethemeKit For Elementor Type Plugin Vulnerable versions = 2.1.4 Fixed in 2.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5418 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1bc6009e9b12 Credits wesley wcraft...

6.4CVSS5.8AI score0.00321EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder