Rometheme Romethemekit For Elementor vulnerabilities
3 known vulnerabilities affecting rometheme/romethemekit_for_elementor.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-33919P4MEDIUMCVSS 6.5≥ n/a, ≤ 1.4.12024-05-03
CVE-2024-33919 [MEDIUM] CWE-862 CVE-2024-33919: Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects Romet
Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1.
nvd
CVE-2024-10326P4MEDIUMCVSS 4.3fixed in 1.5.42025-03-08
CVE-2024-10326 [MEDIUM] CWE-862 CVE-2024-10326: The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of da
The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_options and reset_widgets functions in all versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify plugin settings or
nvd
CVE-2024-10324P4MEDIUMCVSS 4.3fixed in 1.5.32025-01-24
CVE-2024-10324 [MEDIUM] CWE-1230 CVE-2024-10324: The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure
The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the register_controls function in widgets/offcanvas-rometheme.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and
nvd