138 matches found
PT-2026-23239
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Starto starto allows Reflected XSS.This issue affects Starto: from n/a through = 2.1.9...
PT-2026-23240
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand News grandnews allows Reflected XSS.This issue affects Grand News: from n/a through = 3.4.3...
PT-2026-23238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Photography photography allows DOM-Based XSS.This issue affects Photography: from n/a through = 7.6.1...
PT-2026-23247
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Musico musico allows Reflected XSS.This issue affects Musico: from n/a through = 3.2.4...
CVE-2025-69370
Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through = 2.5.5...
CVE-2025-69301
Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through = 5.6.11...
CVE-2026-24949
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through = 5.7.1...
CVE-2025-69301
Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through = 5.6.11...
CVE-2026-24943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Conference grandconference allows Reflected XSS.This issue affects Grand Conference: from n/a through = 5.3.4...
PT-2026-21229
Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Conference versions through 5.3.4 Description The software contains a flaw related to improper input handling during web page creation, specifically a Reflected Cross-Site Scripting XSS issue. This allows for the injection of...
PT-2026-21151
Name of the Vulnerable Software and Affected Versions ThemeGoods Capella versions through 2.5.5 Description A flaw exists in ThemeGoods Capella that allows for object injection due to deserialization of untrusted data. This can lead to unauthorized code execution. Recommendations Update to a...
CVE-2026-23542
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through = 7.0.10...
PT-2026-20660
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through = 7.0.10...
CVE-2026-24961
Server-Side Request Forgery SSRF vulnerability in ThemeGoods Grand Blog grandblog allows Server Side Request Forgery.This issue affects Grand Blog: from n/a through 3.1.5...
CVE-2026-24961
Server-Side Request Forgery SSRF vulnerability in ThemeGoods Grand Blog grandblog allows Server Side Request Forgery.This issue affects Grand Blog: from n/a through 3.1.5...
EUVD-2026-5223
Server-Side Request Forgery SSRF vulnerability in ThemeGoods Grand Blog grandblog allows Server Side Request Forgery.This issue affects Grand Blog: from n/a through 3.1.5...
CVE-2025-69321
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS.This issue affects Grand Spa: from n/a through = 3.5.5...
CVE-2025-67952
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...
CVE-2025-68518
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Hoteller hoteller allows Reflected XSS.This issue affects Hoteller: from n/a through 6.8.9...
CVE-2025-68510
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...