CVE-2025-52747

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS. This issue affects Themebox - Digital Products Ecommerce: from n/a through 1.4.2...

CVE-2025-52747

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS. This issue affects Themebox - Digital Products Ecommerce: from n/a through 1.4.2...

EUVD-2025-209960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS. This issue affects Themebox - Digital Products Ecommerce: from n/a through 1.4.2...

CVE-2025-69330

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes Prestige prestige allows Reflected XSS.This issue affects Prestige: from n/a through 1.4.1...

CVE-2025-69329

Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injection.This issue affects Prestige: from n/a through 1.4.1...

CVE-2025-69393

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through = 1.2.4...

CVE-2025-69330

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes Prestige prestige allows Reflected XSS.This issue affects Prestige: from n/a through 1.4.1...

CVE-2025-69329

Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injection.This issue affects Prestige: from n/a through 1.4.1...

PT-2026-21144

Name of the Vulnerable Software and Affected Versions Jthemes Prestige versions prior to 1.4.1 Description The software contains a flaw due to deserialization of untrusted data, which can lead to object injection. Recommendations Update Jthemes Prestige to version 1.4.1 or later...

PT-2026-21174

Name of the Vulnerable Software and Affected Versions Jthemes Exzo versions through 1.2.4 Description A missing authorization issue exists in Jthemes Exzo, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Jthemes Exzo to a version later than...

PT-2026-21145

Name of the Vulnerable Software and Affected Versions Jthemes Prestige versions prior to 1.4.1 Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-Site Scripting XSS. This means that malicious code can be injecte...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...