6 matches found
CVE-2025-30996 Arbitrary File Upload Vulnerability in WordPress themes by Themify
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...
CVE-2025-31054 WordPress Bloggie theme <= 2.0.8 - Cross Site Scripting (XSS) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Themefy Bloggie allows Reflected XSS.This issue affects Bloggie: from n/a through 2.0.8...
CVE-2025-31054
CVE-2025-31054 describes a vulnerability in the WordPress theme Bloggie (Themefy) up to version 2.0.8. The connected sources indicate a Cross‑Site Request Forgery (CSRF) issue that enables a Reflected XSS in Bloggie, affecting versions from n/a through 2.0.8. The CVE is discussed by multiple feed...
WordPress Bloggie Theme <= 2.0.8 is vulnerable to Cross Site Scripting (XSS)
Software Bloggie Type Theme Vulnerable versions = 2.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-31054 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1cb4c6b4802f Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...
WordPress Bloggie <= 2.0.8 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Bloggie versions = 2.0.8...
WordPress Bloggie Theme - File Upload Arbitrary Code Execution
A "themify-ajax.php" file upload arbitrary PHP code execution vulnerability was found in WordPress Bloggie theme. Solution Update the theme...