5 matches found
WordPress OneTone theme cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.OneTone theme is a responsive website theme plugin used in it. A cross-site scripting vulnerability exists in the...
WordPress OneTone theme unauthorized operation vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.OneTone theme is a responsive website theme plugin used in it. A security vulnerability exists in the includes/theme-functions.php file...
CVE-2019-17230
includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress allows unauthenticated options changes...
Cross site scripting
includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues...
CVE-2017-7719
SQL injection in the Spider Event Calendar aka spider-event-calendar plugin before 1.5.52 for WordPress is exploitable with the orderby parameter to calendarfunctions.php or widgetThemefunctions.php, related to frontend/frontendfunctions.php...