4 matches found
CVE-2025-30996 Arbitrary File Upload Vulnerability in WordPress themes by Themify
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...
WordPress Photobox <= 2.0.1 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Theme Photobox versions = 2.0.1...
WordPress Photobox Theme <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Photobox Type Theme Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-31013 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b4a93febf215 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...
WordPress Photobox Theme - File Upload Arbitrary Code Execution
A "themify-ajax.php" file upload arbitrary PHP code execution vulnerability was found in WordPress Photobox theme. Solution Update the theme...