Sktthemes
Products
4- 8 CVEs
- 4 CVEs
- 2 CVEs
- 2 CVEs
Recent CVEs
16| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47608 | Cri | 0.68 | 9.3 | 0.01 | Jun 9, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows SQL Injection.This issue affects Recover abandoned cart for WooCommerce: from n/a through <=… | ||
| CVE-2024-44007 | Hig | 0.46 | 7.1 | 0.00 | Sep 17, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Templates – Elementor & Gutenberg templates skt-templates allows Reflected XSS.This issue affects SKT Templates – Elementor & Gutenberg templates: from n/a… | ||
| CVE-2025-48270 | Med | 0.42 | 6.5 | 0.00 | May 19, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows DOM-Based XSS.This issue affects SKT Blocks: from n/a through <= 2.2. | ||
| CVE-2025-46235 | Med | 0.42 | 6.5 | 0.00 | Apr 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 2.0. | ||
| CVE-2025-26998 | Med | 0.42 | 6.5 | 0.00 | Apr 15, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 1.8. | ||
| CVE-2025-26771 | Med | 0.42 | 6.5 | 0.00 | Feb 17, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 1.7. | ||
| CVE-2024-48036 | Med | 0.42 | 6.5 | 0.00 | Oct 17, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks.This issue affects SKT Blocks: from n/a through <= 1.6. | ||
| CVE-2024-34445 | Med | 0.42 | 6.5 | 0.00 | May 14, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 1.8. | ||
| CVE-2024-34436 | Med | 0.42 | 6.5 | 0.00 | May 14, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 1.8. | ||
| CVE-2024-5091 | Hig | 0.41 | 7.4 | 0.00 | Jun 8, 2024 | The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes.… | ||
| CVE-2024-13733 | Med | 0.35 | 6.4 | 0.00 | Feb 4, 2025 | The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's skt-blocks/post-carousel block in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied… | ||
| CVE-2025-46243 | Med | 0.28 | 4.3 | 0.00 | Apr 22, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows Cross Site Request Forgery.This issue affects Recover abandoned cart for WooCommerce: from n/a through <= 2.2. | ||
| CVE-2024-1337 | Med | 0.28 | 4.3 | 0.00 | Feb 29, 2024 | The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderPageData' function in all versions up to, and including, 4.1. This makes it possible for authenticated attackers, with subscriber… | ||
| CVE-2025-3276 | 0.00 | — | 0.00 | Apr 12, 2025 | The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Carousel block in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for… | |||
| CVE-2024-43946 | 0.00 | — | 0.00 | Aug 29, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Blocks – Gutenberg based Page Builder allows Stored XSS.This issue affects SKT Blocks – Gutenberg based Page Builder: from n/a through 1.5. | |||
| CVE-2024-38674 | 0.00 | — | 0.00 | Jul 20, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 3.0. |
- risk 0.68cvss 9.3epss 0.01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows SQL Injection.This issue affects Recover abandoned cart for WooCommerce: from n/a through <=…
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Templates – Elementor & Gutenberg templates skt-templates allows Reflected XSS.This issue affects SKT Templates – Elementor & Gutenberg templates: from n/a…
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows DOM-Based XSS.This issue affects SKT Blocks: from n/a through <= 2.2.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 2.0.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 1.8.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks allows Stored XSS.This issue affects SKT Blocks: from n/a through <= 1.7.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks skt-blocks.This issue affects SKT Blocks: from n/a through <= 1.6.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 1.8.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 1.8.
- risk 0.41cvss 7.4epss 0.00
The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Age Gate and Creative Slider widgets in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes.…
- risk 0.35cvss 6.4epss 0.00
The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's skt-blocks/post-carousel block in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce recover-wc-abandoned-cart allows Cross Site Request Forgery.This issue affects Recover abandoned cart for WooCommerce: from n/a through <= 2.2.
- risk 0.28cvss 4.3epss 0.00
The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderPageData' function in all versions up to, and including, 4.1. This makes it possible for authenticated attackers, with subscriber…
- CVE-2025-3276Apr 12, 2025risk 0.00cvss —epss 0.00
The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Carousel block in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for…
- CVE-2024-43946Aug 29, 2024risk 0.00cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Blocks – Gutenberg based Page Builder allows Stored XSS.This issue affects SKT Blocks – Gutenberg based Page Builder: from n/a through 1.5.
- CVE-2024-38674Jul 20, 2024risk 0.00cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 3.0.