{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-0661", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-01-23T01:19:54.957Z", "datePublished": "2025-02-13T06:58:04.120Z", "dateUpdated": "2026-04-08T16:40:44.947Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:40:44.947Z"}, "affected": [{"vendor": "detheme", "product": "DethemeKit for Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, draft, or scheduled posts that they should not have access to by duplicating the post."}], "title": "DethemeKit For Elementor <= 2.1.8 - Authenticated (Contributor+) Protected Post Disclosure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e2c937c-1ff8-4bcc-913b-83bade37d754?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3236114/dethemekit-for-elementor/trunk/admin/includes/dep/admin-helper.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "cweId": "CWE-639", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Craig Smith"}], "timeline": [{"time": "2025-01-23T00:00:00.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-02-12T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-13T14:52:14.904464Z", "id": "CVE-2025-0661", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-13T14:52:26.806Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0661", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-13T14:52:14.904464Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-13T14:52:22.687Z"}}], "cna": {"title": "DethemeKit For Elementor <= 2.1.8 - Authenticated (Contributor+) Protected Post Disclosure", "credits": [{"lang": "en", "type": "finder", "value": "Craig Smith"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "detheme", "product": "DethemeKit for Elementor", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.1.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-01-23T00:00:00.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-02-12T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e2c937c-1ff8-4bcc-913b-83bade37d754?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3236114/dethemekit-for-elementor/trunk/admin/includes/dep/admin-helper.php"}], "descriptions": [{"lang": "en", "value": "The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, draft, or scheduled posts that they should not have access to by duplicating the post."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:40:44.947Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0661", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:40:44.947Z", "dateReserved": "2025-01-23T01:19:54.957Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-02-13T06:58:04.120Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:detheme:dethemekit_for_elementor:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "BCC4FEE2-C4C2-4D16-A46B-99E268C04DC7", "versionEndExcluding": "2.1.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, draft, or scheduled posts that they should not have access to by duplicating the post."}, {"lang": "es", "value": "El complemento DethemeKit For Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 2.36 incluida, a trav\u00e9s de la funci\u00f3n duplicate_post() debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden duplicar. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones protegidas con contrase\u00f1a, privadas, en borrador o programadas a las que no deber\u00edan tener acceso duplicando la publicaci\u00f3n."}], "id": "CVE-2025-0661", "lastModified": "2025-02-24T17:10:16.007", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2025-02-13T07:15:10.777", "references": [{"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3236114/dethemekit-for-elementor/trunk/admin/includes/dep/admin-helper.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e2c937c-1ff8-4bcc-913b-83bade37d754?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "security@wordfence.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T12:04:28.922808+00:00", "value": {"mitigation_remediation": ["Upgrade DethemeKit for Elementor to a patched version newer than 2.36 or the latest release provided by Detheme.", "Revoke or restrict the duplicate_post capability for the Contributor role so that only Administrators retain the ability to duplicate posts.", "Modify plugin settings or add custom code to block duplication of password protected, private, draft, or scheduled posts and enforce strict role permissions."], "summary": {"action": "Immediate Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "All installations of DethemeKit for Elementor version 2.36 or earlier are affected. The plugin is distributed by Detheme and installed via the WordPress plugin repository. Any site running one of these affected versions may be vulnerable if it grants contributors the ability to duplicate posts.", "description_and_impact": "The DethemeKit For Elementor plugin for WordPress suffers from a vulnerability that allows authenticated users with Contributor-level access or higher to duplicate posts that are password protected, private, draft, or scheduled. By using the duplicate_post() function, the attacker can retrieve the content of posts that the user should not be able to view, thereby exposing sensitive information. This flaw is a classic example of an information exposure weakness (CWE\u2011639).", "risk_and_exploitability": "The CVSS score of 4.3 indicates moderate severity. An EPSS score of less than 1% suggests a low probability of exploitation in the wild, but the flaw remains public and the function can be invoked by any user with the Contributor capability. Because the attack requires authenticated access, it is not a remote code execution vector, yet it exposes confidential content. The vulnerability is not listed in the CISA KEV catalog, and no official Certified CNA workaround is available. Attacker likely obtains the exposed data by simply duplicating the restricted post through the plugin\u2019s UI or API."}}}}, "created": "2026-04-28T12:15:30.888748+00:00", "updated": "2026-04-28T12:15:30.888760+00:00", "vendors": []}