DethemeKit For Elementor < 1.5.5.5 - Contributor+ Stored XSS
CVE-2021-24270
5.4MEDIUM
What is CVE-2021-24270?
The “DeTheme Kit for Elementor” WordPress Plugin before 1.5.5.5 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
Affected Version(s)
DethemeKit For Elementor 1.5.5.5