71 matches found
CVE-2025-32201 WordPress Xpro Theme Builder Plugin <= 1.2.8.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.8.3...
CVE-2025-32201 WordPress Xpro Theme Builder Plugin <= 1.2.8.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Xpro Xpro Theme Builder xpro-theme-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Theme Builder: from n/a through = 1.2.8.4...
CVE-2025-32201
CVE-2025-32201 : Missing Authorization in the WordPress plugin Xpro Theme Builder affects versions from n/a up to 1.2.8.3. The provided documents include limited technical details (affected version range, vulnerability class) and CVSS v3.1 data (base score 4.3, medium). No explicit root cause, ex...
PT-2025-14981 · Unknown · Xpro Theme Builder
Name of the Vulnerable Software and Affected Versions: Xpro Theme Builder versions 1.2.8.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Xpro Theme Builder...
WordPress Theme Builder For Elementor plugin <= 1.2.2 - Authenticated (Contributor+) Post Disclosure vulnerability
Authenticated Contributor+ Post Disclosure vulnerability discovered by Francesco Carlucci in WordPress Plugin Theme Builder For Elementor versions = 1.2.2...
CVE-2024-10782 Theme Builder For Elementor <= 1.2.2 - Authenticated (Contributor+) Post Disclosure
The Theme Builder For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with...
CVE-2024-10782
The CVE CVE-2024-10782 affects the WordPress Theme Builder For Elementor plugin (versions up to 1.2.2). The root cause is insufficient restrictions on which posts can be included via the elementor-template shortcode, enabling authenticated attackers with Contributor-level access and above to expo...
WordPress plugin Theme Builder For Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Theme Builder For Elementor Plugin <= 1.2.2 is vulnerable to Broken Access Control
Software Theme Builder For Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10782 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266b574a3c97...
CVE-2024-51682
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through 1.3.0...
CVE-2024-51682
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor ht-builder allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through = 1.3.0...
WordPress HT Builder – WordPress Theme Builder for Elementor Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software HT Builder – WordPress Theme Builder for Elementor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51682 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f85ba0467c8 Credits Gab...
CVE-2023-47783
Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-47783 WordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerability
Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-47783 WordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerability
Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
WordPress plugin Thrive Theme Builder security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Thrive The...
CVE-2023-47782
Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2023-6880
The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 45.6.0 due to insufficient input sanitizatio...