Lucene search
K

267 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:43 a.m.12 views

CVE-2024-35728

Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a through 32.0.20...

5.3CVSS7AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.7 views

CVE-2024-35682

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11...

5.3CVSS6.8AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:3 a.m.6 views

CVE-2024-51671

Missing Authorization vulnerability in Themeisle Otter - Gutenberg Block otter-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Otter - Gutenberg Block: from n/a through = 3.0.3...

2.7CVSS5.9AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:44 a.m.5 views

CVE-2024-37467

Cross-Site Request Forgery CSRF vulnerability in themeisle Hestia hestia allows Cross Site Request Forgery.This issue affects Hestia: from n/a through = 3.1.2...

4.3CVSS5.9AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:38 a.m.9 views

CVE-2024-31301

Cross-Site Request Forgery CSRF vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0...

8.8CVSS8.6AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:15 a.m.9 views

CVE-2023-47529

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeIsle Cloud Templates & Patterns collection.This issue affects Cloud Templates & Patterns collection: from n/a through 1.2.2...

7.5CVSS7.7AI score0.00972EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.16 views

CVE-2023-23708

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.4 versions...

6.5CVSS5.6AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.8 views

CVE-2023-33927

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle Multiple Page Generator Plugin – MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.3.19...

9.8CVSS8.9AI score0.00675EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:44 a.m.8 views

CVE-2023-39920

Missing Authorization vulnerability in Themeisle Redirection for Contact Form 7 wpcf7-redirect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Redirection for Contact Form 7: from n/a through = 2.9.2...

7.5CVSS7.3AI score0.00608EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:7 a.m.6 views

CVE-2022-46848

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin = 3.9.1 versions...

6.5CVSS5.6AI score0.00508EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:51 p.m.7 views

CVE-2022-47143

Cross-Site Request Forgery CSRF vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin = 3.3.9 versions...

8.8CVSS7.1AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:20 p.m.10 views

CVE-2021-24157

Orbit Fox by ThemeIsle has a feature to add custom scripts to the header and footer of a page or post. There were no checks to verify that a user had the unfilteredhtml capability prior to saving the script tags, thus allowing lower-level users to inject scripts that could potentially be maliciou...

5.4CVSS6.7AI score0.00687EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/03/29 3:23 p.m.9 views

CVE-2025-22659

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through = 2.10.44...

6.5CVSS7.2AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 3:15 p.m.2 views

CVE-2025-22659

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Orbit Fox by ThemeIsle allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through 2.10.44...

5.4CVSS9.2AI score
Exploits0References1
NVD
NVD
added 2025/03/27 3:15 p.m.11 views

CVE-2025-22659

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through = 2.10.44...

6.5CVSS0.00265EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 3:1 p.m.50 views

CVE-2025-22659

CVE-2025-22659 concerns the WordPress Orbit Fox plugin by ThemeIsle (

6.5CVSS7.2AI score0.00265EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/27 3:1 p.m.5 views

CVE-2025-22659 WordPress Orbit Fox by ThemeIsle plugin <= 2.10.44 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through = 2.10.44...

6.5CVSS7.2AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 3:1 p.m.14 views

CVE-2025-22659 WordPress Orbit Fox by ThemeIsle plugin <= 2.10.44 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through = 2.10.44...

6.5CVSS0.00265EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.4 views

WordPress plugin Orbit Fox by ThemeIsle 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS8AI score0.00265EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 8:29 a.m.6 views

CVE-2024-47325

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects MPG: from n/a through = 3.4.7...

8.8CVSS5.9AI score0.00459EPSS
Exploits0References1
Rows per page
Query Builder