CVE-2019-20211

The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phon...

EUVD-2021-12361

Malware in sbrugna...

EUVD-2024-46711

Malicious code in bioql PyPI...

CVE-2021-25465

An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack...

CVE-2020-36721

The Brilliance = 1.2.7, Activello = 1.4.0, and Newspaper X = 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activelloactivateplugin' and 'activellodeactivateplugin' functions in the 'inc/welcome-screen/class-activello-welcome.php' file missing...

CVE-2025-28881

Cross-Site Request Forgery CSRF vulnerability in mg12 Mobile Themes wp-mobile-themes allows Cross Site Request Forgery.This issue affects Mobile Themes: from n/a through = 1.1.1...

CVE-2025-28881 WordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in mg12 Mobile Themes wp-mobile-themes allows Cross Site Request Forgery.This issue affects Mobile Themes: from n/a through = 1.1.1...

The vulnerability of Themes components in Windows operating systems, which allows attackers to perform spoofing attacks

The vulnerability of Themes component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

The vulnerability of Themes component in Windows operating systems, which allows attackers to carry out spoofing attacks

The vulnerability of Themes Windows themes in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to carry out spoofing attacks...

Microsoft Windows Security Vulnerabilities

Microsoft Windows is a suite of operating systems for use on personal devices from the American company Microsoft Microsoft. A security vulnerability exists in Microsoft Windows Themes. An attacker could exploit this vulnerability to conduct spoofing attacks. The following products and editions a...

The vulnerability of Themes component in the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of Themes component in the Windows operating system is related to the incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-30065 Windows Themes Denial of Service Vulnerability

...

The vulnerability of Themes component in the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of Themes component in the Windows operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Access to sensitive...

CVE-2022-42092

Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required...

Backdrop CMS 代码问题漏洞

Backdrop CMS is an open source content management system CMS. A code issue vulnerability exists in Backdrop CMS version 1.22.0, which stems from themes having an unrestricted file upload vulnerability that can be exploited by an attacker to remotely execute code...

Monstra CMS 代码问题漏洞

Monstra is a lightweight content management system CMS. /admin/index.php?id=themes in Monstra version 3.0.4...

drupal6 -- multiple vulnerabilities

Drupal Team reports: A reflected cross site scripting vulnerability was discovered in Drupal's error handler. Drupal displays PHP errors in the messages area, and a specially crafted URL can cause malicious scripts to be injected into the message. The issue can be mitigated by disabling on-screen...