3 matches found
CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget
The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...
CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget
The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...
WordPress DethemeKit For Elementor Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)
Software DethemeKit For Elementor Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6283 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ca45127d50d0 Credits Webbernaut...