Dethemekit For Elementor Security Vulnerabilities and Issues — Dethemekit For Elementor CVE List

Lucene search

DethemeDethemekit For Elementor

12 matches found

CVE•added 2024/04/17 10:15 a.m.•63 views

CVE-2024-32508

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.0.2.

6.5CVSS6.4AI score0.00133EPSS

CVE•added 2024/05/18 5:15 a.m.•57 views

CVE-2024-4374

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attack...

6.4CVSS5.7AI score0.00142EPSS

CVE•added 2024/05/31 3:15 a.m.•54 views

CVE-2024-5418

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied attrib...

6.4CVSS5.9AI score0.00266EPSS

CVE•added 2025/02/13 7:15 a.m.•52 views

CVE-2025-0661

The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributo...

4.3CVSS6.8AI score0.00034EPSS

CVE•added 2025/02/17 12:15 p.m.•50 views

CVE-2025-26772

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor allows Stored XSS. This issue affects DethemeKit For Elementor: from n/a through 2.1.8.

6.5CVSS6.9AI score0.00026EPSS

CVE•added 2024/05/17 6:15 a.m.•46 views

CVE-2024-34575

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.1.2.

6.5CVSS6.6AI score0.00241EPSS

CVE•added 2025/03/14 8:15 a.m.•46 views

CVE-2025-1526

The DethemeKit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the De Product Display Widget (countdown feature) in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attac...

6.4CVSS5.8AI score0.00057EPSS

CVE•added 2025/04/10 8:15 a.m.•43 views

CVE-2025-32260

Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects DethemeKit For Elementor: from n/a through 2.1.10.

5.3CVSS5.3AI score0.00042EPSS

CVE•added 2021/05/05 7:15 p.m.•41 views

CVE-2021-24270

The “DeTheme Kit for Elementor” WordPress Plugin before 1.5.5.5 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

5.4CVSS5.2AI score0.00222EPSS

CVE•added 2024/10/05 1:15 p.m.•41 views

CVE-2024-47632

6.5CVSS6.7AI score0.00055EPSS

CVE•added 2025/02/13 2:15 a.m.•40 views

CVE-2024-13644

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authentica...

6.4CVSS5.8AI score0.00024EPSS

CVE•added 2024/06/27 5:15 a.m.•39 views

CVE-2024-6283

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for ...

5.4CVSS5.3AI score0.00079EPSS