Detheme

Dethemekit For Elementor

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-57995

  • EPSS 0.06%
  • Veröffentlicht 22.09.2025 18:24:19
  • Zuletzt bearbeitet 22.09.2025 21:22:16

Missing Authorization vulnerability in Detheme DethemeKit For Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DethemeKit For Elementor: from n/a through 2.1.10.

5.3

CVE-2025-32260

  • EPSS 0.23%
  • Veröffentlicht 10.04.2025 08:15:20
  • Zuletzt bearbeitet 11.04.2025 15:39:52

Missing Authorization vulnerability in Detheme DethemeKit For Elementor. This issue affects DethemeKit For Elementor: from n/a through 2.1.10.

5.4

CVE-2025-1526

  • EPSS 0.09%
  • Veröffentlicht 14.03.2025 08:15:12
  • Zuletzt bearbeitet 24.03.2025 18:04:40

The DethemeKit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the De Product Display Widget (countdown feature) in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escapin...

5.4

CVE-2025-26772

  • EPSS 0.08%
  • Veröffentlicht 17.02.2025 12:15:28
  • Zuletzt bearbeitet 20.03.2025 12:20:45

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor allows Stored XSS. This issue affects DethemeKit For Elementor: from n/a through 2.1.8.

4.3

CVE-2025-0661

  • EPSS 0.1%
  • Veröffentlicht 13.02.2025 07:15:10
  • Zuletzt bearbeitet 24.02.2025 17:10:16

The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it poss...

5.4

CVE-2024-13644

  • EPSS 0.08%
  • Veröffentlicht 13.02.2025 02:15:29
  • Zuletzt bearbeitet 25.02.2025 19:39:23

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied ...

5.4

CVE-2024-47632

  • EPSS 0.14%
  • Veröffentlicht 05.10.2024 13:15:14
  • Zuletzt bearbeitet 13.03.2025 13:54:55

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.1.7.

5.4

CVE-2024-6283

  • EPSS 0.23%
  • Veröffentlicht 27.06.2024 05:15:51
  • Zuletzt bearbeitet 21.11.2024 09:49:20

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user...

5.4

CVE-2024-5418

  • EPSS 0.47%
  • Veröffentlicht 31.05.2024 03:15:08
  • Zuletzt bearbeitet 24.03.2025 14:25:36

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitiz...

5.4

CVE-2024-4374

  • EPSS 0.27%
  • Veröffentlicht 18.05.2024 05:15:46
  • Zuletzt bearbeitet 21.03.2025 18:06:18

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.1.3 due to insufficient input sanitization and output escaping on user supplied attributes...