Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2025-24725
Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Missing Authorization vulnerability in ThimPress Thim Elementor Kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Elementor Kit: from n/a through 1.2.8.
0
Attacker Value
Unknown
CVE-2025-22312
Disclosure Date: January 07, 2025 (last updated January 07, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit allows DOM-Based XSS.This issue affects Thim Elementor Kit: from n/a through 1.2.8.
0
Attacker Value
Unknown
CVE-2024-4329
Disclosure Date: May 14, 2024 (last updated January 05, 2025)
The Thim Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
0
Attacker Value
Unknown
CVE-2024-34415
Disclosure Date: May 14, 2024 (last updated May 15, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit allows Stored XSS.This issue affects Thim Elementor Kit: from n/a through 1.1.8.
0
