Dethemekit For Elementor

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-1526 MEDIUM PATCH This Month

The DethemeKit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the De Product Display Widget (countdown feature) in all versions up to, and including, 2.1.9 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Dethemekit For Elementor PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-0661 MEDIUM PATCH This Month

The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

WordPress Information Disclosure Authentication Bypass Dethemekit For Elementor PHP
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-13644 MEDIUM PATCH This Month

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Dethemekit For Elementor
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2025-1526
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The DethemeKit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the De Product Display Widget (countdown feature) in all versions up to, and including, 2.1.9 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Dethemekit For Elementor +1
NVD
CVE-2025-0661
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

WordPress Information Disclosure Authentication Bypass +2
NVD
CVE-2024-13644
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.8 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Dethemekit For Elementor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy