WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read

WordPress Responsive Vector Maps 6.4.2 contains an arbitrary file read vulnerability because the plugin does not have proper authorization and validation of the rvmuploadregionsfilepath parameter in the rvmimportregions AJAX action, allowing any authenticated user to read arbitrary files on the w...

CVE-2025-63032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Consulting consulting allows Stored XSS.This issue affects Consulting: from n/a through = 1.5.0...

CVE-2025-62991

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Minamaze minamaze allows Stored XSS.This issue affects Minamaze: from n/a through = 1.10.1...

CVE-2025-62136

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Melos melos allows Stored XSS.This issue affects Melos: from n/a through = 1.6.0...

CVE-2025-63032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Consulting consulting allows Stored XSS.This issue affects Consulting: from n/a through = 1.5.0...

CVE-2025-62991

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Minamaze minamaze allows Stored XSS.This issue affects Minamaze: from n/a through = 1.10.1...

EUVD-2025-205921

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Minamaze allows Stored XSS.This issue affects Minamaze: from n/a through 1.10.1...

CVE-2025-63032

According to the connected Wordfence report, CVE-2025-63032 affects Branda Consulting? Actually, it affects Consulting: ThinkUpThemes Consulting WordPress theme/plugin, with versions up to 1.5.0. It is an Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability caused by improper in...

EUVD-2025-205922

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0...

CVE-2025-62136

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Melos melos allows Stored XSS.This issue affects Melos: from n/a through = 1.6.0...

CVE-2025-62136 WordPress Melos theme <= 1.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Melos melos allows Stored XSS.This issue affects Melos: from n/a through = 1.6.0...

CVE-2025-62136

CVE-2025-62136 refers to a stored XSS in the WordPress Melos theme. The Melos

PT-2025-54298

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Melos allows Stored XSS.This issue affects Melos: from n/a through 1.6.0...

PT-2025-54312

Name of the Vulnerable Software and Affected Versions ThinkUpThemes Minamaze versions through 1.10.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Stored Cross-site Scripting XSS condition. This allows an attacker to...

PT-2025-54313

Name of the Vulnerable Software and Affected Versions ThinkUpThemes Consulting versions through 1.5.0 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS issue. This specific instance allows for Stored...