Lucene search
K

494 matches found

Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.5 views

PT-2025-36127

Name of the Vulnerable Software and Affected Versions: Themify Popup versions through 1.4.4 Description: Themify Popup contains a stored cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for the injection of malicious scripts into web...

6.5CVSS5.6AI score0.0019EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.11 views

CVE-2025-49395

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Icons themify-icons allows Stored XSS.This issue affects Themify Icons: from n/a through = 2.0.3...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.13 views

CVE-2025-49396

Missing Authorization vulnerability in themifyme Themify Builder themify-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Themify Builder: from n/a through = 7.6.7...

4.3CVSS5.9AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 8:31 a.m.6 views

CVE-2025-49392

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Audio Dock themify-audio-dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through = 2.0.5...

5.9CVSS5.9AI score0.0021EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/08/20 9:7 a.m.8 views

WordPress Themify Audio Dock Plugin <= 2.0.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Themify Audio Dock versions = 2.0.5...

5.9CVSS6AI score0.0021EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/20 9:6 a.m.7 views

WordPress Themify Icons Plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Themify Icons versions = 2.0.3...

6.5CVSS6AI score0.0019EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/08/20 9:6 a.m.10 views

WordPress Themify Builder Plugin <= 7.6.7 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Denver Jackson in WordPress Plugin Themify Builder versions = 7.6.7...

4.3CVSS6.7AI score0.00222EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/08/20 8:15 a.m.7 views

CVE-2025-49396

Missing Authorization vulnerability in themifyme Themify Builder themify-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Themify Builder: from n/a through = 7.6.7...

4.3CVSS0.00222EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.8 views

CVE-2025-49392

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Audio Dock themify-audio-dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through = 2.0.5...

5.9CVSS0.0021EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 8:15 a.m.5 views

CVE-2025-49395

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Icons themify-icons allows Stored XSS.This issue affects Themify Icons: from n/a through = 2.0.3...

6.5CVSS0.0019EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.15 views

CVE-2025-49395

CVE-2025-49395 affects Themify Icons plugin for WordPress (versions up to 2.0.3). The issue is a Stored Cross-Site Scripting (XSS) caused by improper neutralization of user-supplied input during web page generation. Exploitation could allow an attacker to inject and execute script in an admin/use...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.11 views

CVE-2025-49395 WordPress Themify Icons Plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Icons themify-icons allows Stored XSS.This issue affects Themify Icons: from n/a through = 2.0.3...

6.5CVSS0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.6 views

CVE-2025-49395 WordPress Themify Icons Plugin <= 2.0.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Icons allows Stored XSS. This issue affects Themify Icons: from n/a through 2.0.3...

6.5CVSS6.4AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.11 views

CVE-2025-49392 WordPress Themify Audio Dock Plugin <= 2.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Audio Dock themify-audio-dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through = 2.0.5...

5.9CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.4 views

CVE-2025-49392 WordPress Themify Audio Dock Plugin <= 2.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Audio Dock allows Stored XSS. This issue affects Themify Audio Dock: from n/a through 2.0.5...

5.9CVSS6.4AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.19 views

CVE-2025-49392

The CVE-2025-49392 entry describes a Stored Cross-Site Scripting (XSS) vulnerability in Themify Audio Dock for WordPress, applicable to versions up to 2.0.5. The issue arises from improper input neutralization during web page generation. Public sources in connected documents (NVD, PatchStack, PT-...

5.9CVSS5.9AI score0.0021EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.20 views

CVE-2025-49396

CVE-2025-49396 covers a missing/incorrectly authorized access issue in the WordPress plugin Themify Builder up to version 7.6.7 . Multiple sources (PT-security PT-2025-33938, CNNVD, CVE records) describe a Broken Access Control / Missing Authorization vulnerability that could be exploited due to ...

4.3CVSS5.9AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.14 views

CVE-2025-49396 WordPress Themify Builder Plugin <= 7.6.7 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themifyme Themify Builder themify-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Themify Builder: from n/a through = 7.6.7...

4.3CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.5 views

CVE-2025-49396 WordPress Themify Builder Plugin <= 7.6.7 - Broken Access Control Vulnerability

Missing Authorization vulnerability in themifyme Themify Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Themify Builder: from n/a through 7.6.7...

4.3CVSS6.6AI score0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.8 views

PT-2025-33937 · WordPress · Themify Icons

Name of the Vulnerable Software and Affected Versions: Themify Icons versions through 2.0.3 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which results in a Stored Cross-site Scripting condition. Recommendations: At the moment, there is n...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References3
Rows per page
Query Builder