CVE-2025-30996 Arbitrary File Upload Vulnerability in WordPress themes by Themify

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

WordPress Slide Theme <= 1.7.5 is vulnerable to Arbitrary File Upload

Software Slide Type Theme Vulnerable versions = 1.7.5 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-30996 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 93c6f7b48621 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress Slide Theme <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Software Slide Type Theme Vulnerable versions = 1.7.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-31013 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 185dcd16a69e Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immuni...

WordPress Slide Theme - File Upload Arbitrary Code Execution

A "themify-ajax.php" file upload arbitrary PHP code execution vulnerability was found in WordPress Slide theme. Solution Update the theme...