162 matches found
CVE-2023-47693
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.2.6...
CVE-2023-47693 WordPress Ultimate Addons for Contact Form 7 plugin <= 3.2.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through = 3.2.6...
PT-2025-1546 · WordPress · Themefic Ultimate Addons For Contact Form 7
Name of the Vulnerable Software and Affected Versions: Themefic Ultimate Addons for Contact Form 7 versions 3.2.6 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations:...
CVE-2024-32433
Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...
CVE-2024-32433
CVE-2024-32433 is a Cross-Site Request Forgery vulnerability in the BEAF (Ultimate Before After Image Slider & Gallery) WordPress plugin, affecting BEAF versions up to 4.5.4. The vulnerability is described as a CSRF that can affect the notice dismissal flow, enabling an attacker to cause a logged...
CVE-2024-32433 WordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...
CVE-2024-32433 WordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...
PT-2024-24563 · Unknown · Themefic Beaf
Name of the Vulnerable Software and Affected Versions: Themefic BEAF versions through 4.5.4 Description: A Cross-Site Request Forgery CSRF issue affects Themefic BEAF, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For versions through...
WordPress BEAF Plugin <= 4.5.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software BEAF Type Plugin Vulnerable versions = 4.5.4 Fixed in 4.5.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32433 Patch priority Low CVSS severity Low 4.3 Developer Themefic PSID 289a94720dc1 Credits Dhabaleshwar Das Required privilege...
CVE-2024-29137
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.7...
CVE-2024-29137
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic allows Reflected XSS.This issue affects Tourfic: from n/a through 2.11.7...
CVE-2024-29136
Deserialization of Untrusted Data vulnerability in Themefic Tourfic.This issue affects Tourfic: from n/a through 2.11.17...
CVE-2024-29136
Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...
CVE-2024-29134
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic allows Stored XSS.This issue affects Tourfic: from n/a through 2.11.8...
CVE-2024-29134
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...
CVE-2024-29134
CVE-2024-29134 affects the Tourfic WordPress plugin (versions up to 2.11.8). It is a Stored XSS due to improper neutralization of input during web page generation. The issue is fixed in Tourfic 2.11.9; administrators should upgrade to the fixed version to mitigate the vulnerability. The connected...
CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...
CVE-2024-29134 WordPress Tourfic plugin <= 2.11.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.8...
CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...
CVE-2024-29136 WordPress Tourfic plugin <= 2.11.17 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through = 2.11.17...