Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2025-24743

Disclosure Date: January 27, 2025 (last updated January 28, 2025)
Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor. This issue affects RomethemeKit For Elementor: from n/a through 1.5.2.
0
0
Attacker Value
Unknown

CVE-2024-10324

Disclosure Date: January 24, 2025 (last updated February 05, 2025)
The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the register_controls function in widgets/offcanvas-rometheme.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-47626

Disclosure Date: October 05, 2024 (last updated October 06, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rometheme RomethemeKit For Elementor allows Stored XSS.This issue affects RomethemeKit For Elementor: from n/a through 1.5.0.
0
0
Attacker Value
Unknown

CVE-2024-33919

Disclosure Date: May 03, 2024 (last updated May 03, 2024)
Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1.
0
0
Attacker Value
Unknown

CVE-2024-32956

Disclosure Date: April 24, 2024 (last updated April 24, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rometheme RomethemeKit For Elementor allows Stored XSS.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1.
0
0