Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

RedhatCVE
RedhatCVEadded 2026/02/20 1:27 p.m.4 views

CVE-2026-25422

Cross-Site Request Forgery CSRF vulnerability in Themes4WP Popularis Extra popularis-extra allows Cross Site Request Forgery.This issue affects Popularis Extra: from n/a through = 1.2.10...

5.4CVSS5.5AI score0.0002EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/19 8:27 a.m.24 views

CVE-2026-25422 WordPress Popularis Extra plugin <= 1.2.10 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Themes4WP Popularis Extra popularis-extra allows Cross Site Request Forgery.This issue affects Popularis Extra: from n/a through = 1.2.10...

5.4CVSS0.0002EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/19 8:27 a.m.2 views

CVE-2026-25422

Cross-Site Request Forgery CSRF vulnerability in Themes4WP Popularis Extra popularis-extra allows Cross Site Request Forgery.This issue affects Popularis Extra: from n/a through = 1.2.10...

5.5AI score0.0002EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-44897

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00155EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-27728

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:56 a.m.1 views

CVE-2024-38763

Cross-Site Request Forgery CSRF vulnerability in themes4wp Popularis Verse popularis-verse allows Cross Site Request Forgery.This issue affects Popularis Verse: from n/a through = 1.1.1...

4.3CVSS5.9AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:17 a.m.4 views

CVE-2024-50470

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themes4WP Themes4WP YouTube External Subtitles themes4wp-youtube-external-subtitles allows DOM-Based XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through = 1.0...

6.5CVSS5.9AI score0.00155EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/21 5:19 p.m.5 views

CVE-2025-26867

Missing Authorization vulnerability in Themes4WP Bulk allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk: from n/a through 1.0.11...

5.3CVSS6.7AI score0.00292EPSS
Exploits0References1
NVD
NVDadded 2025/05/19 5:15 p.m.6 views

CVE-2025-26867

Missing Authorization vulnerability in Themes4WP Bulk allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bulk: from n/a through 1.0.11...

5.3CVSS0.00292EPSS
Exploits0References1
CVE
CVEadded 2025/05/19 4:48 p.m.29 views

CVE-2025-26867

CVE-2025-26867 is a Missing Authorization vulnerability affecting WordPress Theme/Plugin: Themes4WP Bulk versions

5.3CVSS6.7AI score0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/05/19 12:0 a.m.2 views

PT-2025-22021 · Unknown · Themes4Wp Bulk

Name of the Vulnerable Software and Affected Versions: Themes4WP Bulk versions 1.0.11 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 1.0.11 and earlier,...

5.3CVSS6AI score0.00292EPSS
Exploits0References3
NVD
NVDadded 2025/01/02 12:15 p.m.9 views

CVE-2024-38763

Cross-Site Request Forgery CSRF vulnerability in themes4wp Popularis Verse popularis-verse allows Cross Site Request Forgery.This issue affects Popularis Verse: from n/a through = 1.1.1...

4.3CVSS0.00162EPSS
Exploits0References1
CVE
CVEadded 2025/01/02 12:1 p.m.40 views

CVE-2024-38763

CVE-2024-38763 corresponds to a Cross-Site Forgery vulnerability in Themes4WP Popularis Verse. Affected product/version: Popularis Verse for WordPress, affected up to version 1.1.1 (no versions newer than 1.1.1 identified). Root cause: CSRF vulnerability enabling unauthorized state-changing actio...

4.3CVSS5.9AI score0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/02 12:1 p.m.8 views

CVE-2024-38763 WordPress Popularis Verse theme <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Themes4WP Popularis Verse allows Cross Site Request Forgery.This issue affects Popularis Verse: from n/a through 1.1.1...

4.3CVSS5AI score0.00162EPSS
Exploits0References1
OSV
OSVadded 2024/10/28 1:15 p.m.0 views

CVE-2024-50470

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themes4WP Themes4WP YouTube External Subtitles allows Stored XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through 1.0...

5.4CVSS5.8AI score0.00155EPSS
Exploits0References1
NVD
NVDadded 2024/10/28 1:15 p.m.12 views

CVE-2024-50470

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themes4WP Themes4WP YouTube External Subtitles themes4wp-youtube-external-subtitles allows DOM-Based XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through = 1.0...

6.5CVSS0.00155EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/10/28 12:46 p.m.18 views

CVE-2024-50470 WordPress Themes4WP YouTube External Subtitles plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themes4WP Themes4WP YouTube External Subtitles themes4wp-youtube-external-subtitles allows DOM-Based XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through = 1.0...

6.5CVSS0.00155EPSS
Exploits0References1
CVE
CVEadded 2024/10/28 12:46 p.m.35 views

CVE-2024-50470

CVE-2024-50470 is a Stored XSS vulnerability in the WordPress plugin Themes4WP YouTube External Subtitles (root cause: improper neutralization of input during web page generation). Affected versions are up to 1.0 (no patch information provided). Connected sources indicate low patch priority/no fi...

6.5CVSS5.9AI score0.00155EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/10/28 12:46 p.m.9 views

CVE-2024-50470 WordPress Themes4WP YouTube External Subtitles plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themes4WP Themes4WP YouTube External Subtitles themes4wp-youtube-external-subtitles allows DOM-Based XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through = 1.0...

6.5CVSS5.9AI score0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/10/28 12:0 a.m.2 views

PT-2024-34247 · Unknown · Themes4Wp Youtube External Subtitles

Name of the Vulnerable Software and Affected Versions: Themes4WP YouTube External Subtitles versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

6.5CVSS5.4AI score0.00155EPSS
Exploits0References4
Rows per page
Query Builder