CVE-2024-10324 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the register…
Medium CVSS: 4.3

CVE-2024-10324

The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.2 via the register_controls function in widgets/offcanvas-rometheme.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.
Vendor
Rometheme
Product
Romethemekit For Elementor
CWE
CWE-1230
Yayın Tarihi
2025-01-24 14:15:30
Güncelleme
2025-02-04 19:41:41
Source Identifier
security@wordfence.com
KEV Date Added
-

Kategoriler

CWE-1230 Romethemekit For Elementor MEDIUM Rometheme 2025

Referanslar

https://plugins.trac.wordpress.org/changeset/3220079/rometheme-for-elementor https://www.wordfence.com/threat-intel/vulnerabilities/id/cd726b20-75c9-408e-86fc-061db591a9db?source=cve