WordPress Themify Edmin theme <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

🗓️ 01 Apr 2025 07:37:52Reported by Tran Nguyen Bao Khanh(VCI - VNPT)Type

patchstack

patchstack🔗 patchstack.com👁 1 Views

Reflected XSS in WordPress Themify Edmin theme versions 2.0.0 and earlier, by Tran Nguyen Bao Khanh.

Reporter	Title	Published	Views	Family All 17
CVE	CVE-2025-31013	10 Apr 202514:38	–	cve
Patchstack	WordPress Slide <= 1.7.5 - Cross Site Scripting (XSS) Vulnerability	1 Apr 202507:37	–	patchstack
Patchstack	WordPress Themify Sidepane WordPress Theme Theme <= 1.9.8 is vulnerable to Cross Site Scripting (XSS)	31 Mar 202500:00	–	patchstack
Patchstack	WordPress Themify Folo theme <= 1.9.6 - Reflected Cross Site Scripting (XSS) vulnerability	1 Apr 202511:38	–	patchstack
Patchstack	WordPress Shopo Theme <= 1.1.4 is vulnerable to Cross Site Scripting (XSS)	31 Mar 202500:00	–	patchstack
Patchstack	WordPress Slide Theme <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)	1 Apr 202500:00	–	patchstack
Patchstack	WordPress Rezo Theme <= 1.9.7 is vulnerable to Cross Site Scripting (XSS)	1 Apr 202500:00	–	patchstack
Patchstack	WordPress Themify Newsy theme <= 1.9.9 - Reflected Cross Site Scripting (XSS) vulnerability	1 Apr 202511:38	–	patchstack
Patchstack	WordPress Themify Edmin Theme <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)	1 Apr 202500:00	–	patchstack
Patchstack	WordPress Themify Sidepane WordPress theme <=1.9.8 - Cross Site Scripting (XSS) vulnerability	31 Mar 202517:25	–	patchstack

Vulners

Node

wordpress themify_edminRange≤2.0.0

01 Apr 2025 07:37Current

6.1Medium risk

Vulners AI Score6.1

WordPress Themify Edmin cross site scripting version two zero discovered by Tran