Lucene search
+L

3 matches found

Cvelist
Cvelist
added 2024/06/27 4:38 a.m.35 views

CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...

5.4CVSS0.00317EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/27 4:38 a.m.14 views

CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...

5.4CVSS5.8AI score0.00317EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.21 views

WordPress DethemeKit For Elementor Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software DethemeKit For Elementor Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6283 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ca45127d50d0 Credits Webbernaut...

5.4CVSS5.8AI score0.00317EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder