Lucene search
K

138 matches found

redhatcve
redhatcve
added 2026/01/23 9:15 p.m.5 views

CVE-2026-24381

Server-Side Request Forgery SSRF vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery.This issue affects PhotoMe: from n/a through 5.7.2...

5.4CVSS5.4AI score0.00141EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.7 views

CVE-2025-69320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Magazine grandmagazine allows Reflected XSS.This issue affects Grand Magazine: from n/a through = 3.5.7...

7.1CVSS0.00175EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.3 views

CVE-2025-68538

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through = 2.3.6...

7.1CVSS0.00222EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.6 views

CVE-2025-68518

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Hoteller hoteller allows Reflected XSS.This issue affects Hoteller: from n/a through 6.8.9...

7.1CVSS0.00222EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.3 views

CVE-2025-68520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods DotLife dotlife allows Reflected XSS.This issue affects DotLife: from n/a through 4.9.5...

7.1CVSS0.00222EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.3 views

CVE-2025-68510

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

8.1CVSS0.00403EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.3 views

CVE-2025-67952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

7.1CVSS0.0023EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/22 4:52 p.m.3 views

CVE-2026-24381

Server-Side Request Forgery SSRF vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery.This issue affects PhotoMe: from n/a through 5.7.2...

5.4CVSS5.3AI score0.00141EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/01/22 4:52 p.m.5 views

CVE-2025-69321

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS.This issue affects Grand Spa: from n/a through = 3.5.5...

7.1CVSS5.2AI score0.00222EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/01/22 4:52 p.m.4 views

CVE-2025-69320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Magazine grandmagazine allows Reflected XSS.This issue affects Grand Magazine: from n/a through = 3.5.7...

7.1CVSS5.2AI score0.00175EPSS
Exploits0References2
cve
cve
added 2026/01/22 4:52 p.m.15 views

CVE-2025-68520

CVE-2025-68520 refers to a Reflected Cross-Site Scripting (XSS) in the WordPress DotLife theme (DotLife by ThemeGoods). Affected: DotLife versions older than 4.9.5. Root cause per description: improper neutralization of input during web page generation. Impact, as stated in sources, includes pote...

7.1CVSS5.4AI score0.00222EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/22 4:52 p.m.1 views

CVE-2025-68538

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through = 2.3.6...

7.1CVSS5.3AI score0.00222EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/01/22 4:52 p.m.5 views

CVE-2025-68510

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

8.1CVSS5.4AI score0.00403EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/01/22 4:51 p.m.2 views

CVE-2025-67952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Tour grandtour allows Reflected XSS.This issue affects Grand Tour: from n/a through 5.6.2...

7.1CVSS5.3AI score0.0023EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.13 views

PT-2026-4080

Name of the Vulnerable Software and Affected Versions DotLife versions prior to 4.9.5 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting XSS issue. This allows for the execution of malicious scripts...

5.4AI score0.00222EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.5 views

PT-2026-4032

Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Tour versions prior to 5.6.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-site Scripting XSS issue. This could allow an...

5.3AI score0.0023EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.4 views

PT-2026-4198

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Magazine grandmagazine allows Reflected XSS.This issue affects Grand Magazine: from n/a through = 3.5.7...

5.4AI score0.00175EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.7 views

PT-2026-4078

Name of the Vulnerable Software and Affected Versions ThemeGoods Photography versions prior to 7.7.5 Description The software contains a flaw due to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusio...

5.3AI score0.00403EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.5 views

PT-2026-4079

Name of the Vulnerable Software and Affected Versions Hoteller versions prior to 6.8.9 Description A flaw exists in ThemeGoods Hoteller that allows for Reflected Cross-site Scripting XSS. This issue arises from improper neutralization of input during web page generation. The vulnerability could...

5.3AI score0.00222EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.6 views

PT-2026-4199

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Spa grandspa allows Reflected XSS.This issue affects Grand Spa: from n/a through = 3.5.5...

5.4AI score0.00222EPSS
Exploits0References2
Rows per page
Query Builder