7 matches found
WordPress Themify Icons Plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Themify Icons versions = 2.0.3...
CVE-2025-49395 WordPress Themify Icons Plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Icons themify-icons allows Stored XSS.This issue affects Themify Icons: from n/a through = 2.0.3...
PT-2025-14995 · Unknown · Revive.So – Bulk Rewrite/Republish Blog Posts
Name of the Vulnerable Software and Affected Versions: Revive.so – Bulk Rewrite and Republish Blog Posts versions 2.0.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels...
PT-2024-14100 · Wpeverest · Everest Forms
Name of the Vulnerable Software and Affected Versions: Everest Forms versions 2.0.3 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPEverest Everest Forms. Recommendations: For versions 2.0.3 and earlier, update to a version later than 2.0.3 to resolve t...
PT-2024-23480 · Unknown · Gallery Album +1
Name of the Vulnerable Software and Affected Versions: wpdevart Responsive Image Gallery, Gallery Album versions through 2.0.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows Reflected XSS in the...
PT-2023-29666 · Unknown · Posimyth Nexter Extension
Name of the Vulnerable Software and Affected Versions: POSIMYTH Nexter Extension plugin versions = 2.0.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website, potentially leading to...
PT-2022-22046 · Jenkins · Jenkins Embeddable Build Status Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Embeddable Build Status Plugin versions 2.0.3 and earlier Description: The issue allows attackers without Overall/Read permission to specify paths to other SVG images on the Jenkins controller file system by exploiting a relative path...