10 matches found
CVE-2026-24355
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality allows Stored XSS.This issue affects Houzez Theme - Functionality: from n/a through = 4.2.6...
CVE-2026-24355
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality allows Stored XSS.This issue affects Houzez Theme - Functionality: from n/a through = 4.2.6...
CVE-2026-24355
Summary: CVE-2026-24355 is a Stored XSS in the Houzez Theme - Functionality (Houzez Theme - Functionality plugin) for WordPress. The issue arises from improper neutralization of input during web page generation, allowing stored malicious payloads to be executed in the context of the affected site...
CVE-2026-24355
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality allows Stored XSS.This issue affects Houzez Theme - Functionality: from n/a through = 4.2.6...
EUVD-2025-38071
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through 4.2.0...
PT-2025-45317
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through 4.2.0...
CVE-2025-62058
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through 4.2.0...
CVE-2025-62054 WordPress Houzez Theme - Functionality plugin <= 4.1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through = 4.1.8...
CVE-2025-62054 WordPress Houzez Theme - Functionality plugin <= 4.1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through = 4.1.8...
CVE-2025-62054
CVE-2025-62054 affects the Houzez Theme - Functionality plugin for WordPress (versions up to 4.1.8). The vulnerability is Local File Inclusion due to improper control of the filename in include/require statements (PHP Remote File Inclusion). Wordfence and Patchstack reference this as a LFI issue ...