38 matches found
PT-2025-22022 · Customify · Customify
Name of the Vulnerable Software and Affected Versions: Customify versions 0.4.8 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to unauthorized access due to the la...
WordPress Customify theme <= 0.4.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani Patchstack Alliance in WordPress Theme Customify versions = 0.4.8...
WordPress Customify Theme <= 0.4.8 is vulnerable to Broken Access Control
Software Customify Type Theme Vulnerable versions = 0.4.8 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-26920 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 6338c0e15242 Credits Fariq Fadillah Gusti Insani Required...
CVE-2024-33644
Improper Control of Generation of Code 'Code Injection' vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9...
CVE-2024-33644 WordPress Customify Site Library plugin <= 0.0.9 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9...
CVE-2024-33644 WordPress Customify Site Library plugin <= 0.0.9 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9...
CVE-2024-33644
CVE-2024-33644 is an unauthenticated remote code execution vulnerability in the WPCustomify Customify Site Library (WordPress plugin). Technical details across sources show code-injection via improper control of generated code, affecting Customify Site Library versions from 0.0.0 up to and includ...
Customify Site Library <= 0.0.9 - Unauthenticated Remote Code Execution
Description The Customify Site Library plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 0.0.9. This makes it possible for unauthenticated attackers to execute code on the server...
WordPress Customify Site Library plugin <= 0.0.9 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Customify Site Library versions = 0.0.9...
WordPress Customify Site Library Plugin <= 0.0.9 is vulnerable to Remote Code Execution (RCE)
Software Customify Site Library Type Plugin Vulnerable versions = 0.0.9 Fixed in N/A OWASP Top 10 A5: Security Misconfiguration Classification Remote Code Execution RCE CVE CVE-2024-33644 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 4794ee1ad1c4 Credits Abdi Pranata...
CVE-2023-27633
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
CVE-2023-27633
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
CVE-2023-27633 WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
CVE-2023-27633 WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin = 2.10.4 versions...
CVE-2023-27633
The CVE-2023-27633 entry concerns the WordPress plugin Customify (Pixelgrade) with a CSRF vulnerability in versions
WordPress Plugin Customify Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Customify Type Plugin Vulnerable versions = 2.10.4 Fixed in 2.10.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27633 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 795d165c4d06 Credits Mika Required privilege...