Lucene search
K

71 matches found

Vulnrichment
Vulnrichment
added 2025/04/04 3:59 p.m.10 views

CVE-2025-32201 WordPress Xpro Theme Builder Plugin <= 1.2.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.8.3...

4.3CVSS7.1AI score0.00434EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:59 p.m.13 views

CVE-2025-32201 WordPress Xpro Theme Builder Plugin <= 1.2.8.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Xpro Xpro Theme Builder xpro-theme-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Theme Builder: from n/a through = 1.2.8.4...

4.3CVSS0.00434EPSS
Exploits0References1
CVE
CVE
added 2025/04/04 3:59 p.m.48 views

CVE-2025-32201

CVE-2025-32201 : Missing Authorization in the WordPress plugin Xpro Theme Builder affects versions from n/a up to 1.2.8.3. The provided documents include limited technical details (affected version range, vulnerability class) and CVSS v3.1 data (base score 4.3, medium). No explicit root cause, ex...

4.3CVSS7.2AI score0.00434EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.4 views

PT-2025-14981 · Unknown · Xpro Theme Builder

Name of the Vulnerable Software and Affected Versions: Xpro Theme Builder versions 1.2.8.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Xpro Theme Builder...

4.3CVSS5.3AI score0.00434EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/21 10:49 p.m.5 views

WordPress Theme Builder For Elementor plugin <= 1.2.2 - Authenticated (Contributor+) Post Disclosure vulnerability

Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Theme Builder For Elementor versions = 1.2.2...

4.3CVSS7AI score0.00456EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/21 5:33 a.m.11 views

CVE-2024-10782 Theme Builder For Elementor <= 1.2.2 - Authenticated (Contributor+) Post Disclosure

The Theme Builder For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...

4.3CVSS6.6AI score0.00456EPSS
Exploits0References2
CVE
CVE
added 2024/11/21 5:33 a.m.49 views

CVE-2024-10782

The CVE CVE-2024-10782 affects the WordPress Theme Builder For Elementor plugin (versions up to 1.2.2). The root cause is insufficient restrictions on which posts can be included via the elementor-template shortcode, enabling authenticated attackers with Contributor-level access and above to expo...

4.3CVSS4.3AI score0.00456EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/21 12:0 a.m.5 views

WordPress plugin Theme Builder For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.2AI score0.00456EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/21 12:0 a.m.11 views

WordPress Theme Builder For Elementor Plugin <= 1.2.2 is vulnerable to Broken Access Control

Software Theme Builder For Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10782 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266b574a3c97...

4.3CVSS6.7AI score0.00456EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/04 3:15 p.m.0 views

CVE-2024-51682

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through 1.3.0...

5.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/11/04 3:15 p.m.10 views

CVE-2024-51682

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor ht-builder allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through = 1.3.0...

6.5CVSS0.00233EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/01 12:0 a.m.11 views

WordPress HT Builder – WordPress Theme Builder for Elementor Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software HT Builder – WordPress Theme Builder for Elementor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51682 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f85ba0467c8 Credits Gab...

6.5CVSS6.7AI score0.00233EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/06/19 11:15 a.m.22 views

CVE-2023-47783

Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.3CVSS0.00356EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/19 10:36 a.m.30 views

CVE-2023-47783 WordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerability

Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.3CVSS0.00356EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/19 10:36 a.m.26 views

CVE-2023-47783 WordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerability

Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.3CVSS6.9AI score0.00356EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/19 12:0 a.m.5 views

WordPress plugin Thrive Theme Builder security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Thrive The...

8.3CVSS6.8AI score0.00356EPSS
Exploits0References2
NVD
NVD
added 2024/05/17 9:15 a.m.20 views

CVE-2023-47782

Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.8CVSS8.8AI score0.00526EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 8:37 a.m.16 views

CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.8CVSS8.8AI score0.00526EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:37 a.m.26 views

CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.8CVSS8.8AI score0.00526EPSS
Exploits0References1
NVD
NVD
added 2024/03/13 4:15 p.m.20 views

CVE-2023-6880

The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 45.6.0 due to insufficient input sanitizatio...

6.4CVSS5.7AI score0.00416EPSS
Exploits0References2
Rows per page
Query Builder