Detheme Dethemekit_for_elementor
11 CVEs affecting Detheme Dethemekit_for_elementor. Latest disclosed: 2025-03-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-26772 | Medium | 6.5 | 2025-02-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor… |
CVE-2024-47632 | Medium | 6.5 | 2024-10-05 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor… |
CVE-2024-34575 | Medium | 6.5 | 2024-05-17 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS… |
CVE-2024-32508 | Medium | 6.5 | 2024-04-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This i… |
CVE-2025-1526 | Medium | 6.4 | 2025-03-14 | The DethemeKit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the De Product Display Widget (countdown feature) in all ver… |
CVE-2024-13644 | Medium | 6.4 | 2025-02-13 | The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and in… |
CVE-2024-5418 | Medium | 6.4 | 2024-05-31 | The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab &… |
CVE-2024-4374 | Medium | 6.4 | 2024-05-18 | The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2… |
CVE-2024-6283 | Medium | 5.4 | 2024-06-27 | The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions u… |
CVE-2021-24270 | Medium | 5.4 | 2021-05-05 | The “DeTheme Kit for Elementor” WordPress Plugin before 1.5.5.5 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users… |
CVE-2025-0661 | Medium | 4.3 | 2025-02-13 | The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() fun… |