19 matches found
CVE-2025-50007
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-50006
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-54002
Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-54002 WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-54002
Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-54002 WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-54002
CVE-2025-54002: WordPress xSmart theme
CVE-2025-50007 WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-50007
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-50007 WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-50006
CVE-2025-50006 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress theme/collection item Jthemes xSmart (xsmart) , affecting versions up to and including 1.2.9.4 . The issue arises from improper handling/neutralization of user-supplied input during web page generation, enabli...
WordPress plugin xSmart has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-3987
Name of the Vulnerable Software and Affected Versions Jthemes xSmart versions through 1.2.9.4 Description An issue exists in Jthemes xSmart related to incorrectly configured access control security levels, allowing for missing authorization. The issue allows exploitation of access control...
WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...
WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...
CVE-2025-62936 WordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...
CVE-2025-62936 WordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...
PT-2025-43812
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...
WordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerability
Content Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...