68 matches found
CVE-2025-68839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...
CVE-2025-68839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...
CVE-2025-68839 WordPress Easy Theme Options plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...
CVE-2025-68839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...
CVE-2025-68839
CVE-2025-68839 is a WordPress plugin vulnerability in the Easy Theme Options plugin (Remi Corson) causing a Reflected XSS during web page generation. Affected versions are reported as
CVE-2025-68839 WordPress Easy Theme Options plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...
WordPress plugin Easy Theme Options has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-4085
Name of the Vulnerable Software and Affected Versions Easy Theme Options versions prior to 1.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, which can lead to Reflected Cross-site Scripting XSS. This means that malicious code can ...
WordPress Easy Theme Options plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin Easy Theme Options versions = 1.0...
CVE-2025-23473
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Punit Bhalodiya Killer Theme Options killer-theme-options allows Reflected XSS.This issue affects Killer Theme Options: from n/a through = 2.0...
CVE-2025-14367
The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0. This is due to missing authorization checks in the etoimportsettings function. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...
CVE-2025-14367 Easy Theme Options <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import
The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0. This is due to missing authorization checks in the etoimportsettings function. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...
CVE-2025-14367 Easy Theme Options <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import
The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0. This is due to missing authorization checks in the etoimportsettings function. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...
WordPress Easy Theme Options plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Settings Import vulnerability discovered by Legion Hunter in WordPress Plugin Easy Theme Options versions = 1.0...
PT-2025-51067
The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0. This is due to missing authorization checks in the eto import settings function. This makes it possible for authenticated attackers, with Subscriber-level access and above...
WordPress plugin Easy Theme Options 安全漏洞
...
EUVD-2025-199915
The StreamTube Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 4.78. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...
EUVD-2018-8225
Malware in sbrugna...
EUVD-2022-1326
Malicious code in bioql PyPI...
EUVD-2022-24651
Malicious code in bioql PyPI...