6 matches found
CVE-2024-44046
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify – WooCommerce Product Filter (themify-wc-product-filter) allows Stored XSS. This issue affects Themify – WooCommerce Product Filter: from n/a through <= 1.5.1...
PT-2024-30913 · Unknown · Themify – Woocommerce Product Filter
Name of the Vulnerable Software and Affected Versions: Themify – WooCommerce Product Filter versions 1.5.1 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks...
WordPress Themify – WooCommerce Product Filter Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)
Software: Themify – WooCommerce Product Filter; Type: Plugin; Vulnerable versions: <= 1.5.1; Fixed in: 1.5.2; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-44046; Patch priority: Low; CVSS severity: Low (5.9); PSID: b38cdc945b73; Credits: bugcraftx; Require...
CVE-2024-6027
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-6027
The CVE in question is CVE-2024-6027 for Themify – WooCommerce Product Filter (WordPress). The connected sources confirm a time-based SQL Injection in the plugin’s vulnerable code path via the ‘conditions’ parameter in all versions up to 1.4.9, caused by insufficient escaping and inadequate query...
WordPress Themify – WooCommerce Product Filter Plugin <= 1.4.9 is vulnerable to SQL Injection
Software: Themify – WooCommerce Product Filter; Type: Plugin; Vulnerable versions: <= 1.4.9; Fixed in: 1.5.0; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-6027; Patch priority: High; CVSS severity: High (9.3); PSID: 0ec8ecf4ef08; Credits: Arkadiusz Hydzik; Required...