2 matches found
CVE-2024-6283
CVE-2024-6283 : DethemeKit For Elementor (WordPress) versions up to 2.1.5 are vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget. Exploitation requires authentication at contributor level or higher, enabling injection of scripts that run when users click the ...
WordPress DethemeKit For Elementor Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS)
Software DethemeKit For Elementor Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34575 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0b69cc11bc19 Credits 4rCanJ0x! Required privilege...