WordPress DethemeKit For Elementor plugin <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via De Gallery Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via De Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin DethemeKit For Elementor versions = 2.1.8...

CVE-2024-13644

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-13644 DethemeKit For Elementor <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via De Gallery Widget

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2025-6591 · WordPress · Dethemekit For Elementor

Name of the Vulnerable Software and Affected Versions: DethemeKit For Elementor plugin for WordPress versions up to, and including, 2.1.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's De Gallery widget due to insufficient input sanitization and output escaping ...

WordPress DethemeKit For Elementor plugin <= 2.1.5 - Contributor+ Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget vulnerability

Contributor+ Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget vulnerability discovered by Webbernaut in WordPress Plugin DethemeKit For Elementor versions = 2.1.5...

CVE-2024-6283

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...

CVE-2024-6283

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...

CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible fo...

CVE-2024-6283

CVE-2024-6283 : DethemeKit For Elementor (WordPress) versions up to 2.1.5 are vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget. Exploitation requires authentication at contributor level or higher, enabling injection of scripts that run when users click the ...