494 matches found
CVE-2025-30996
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...
CVE-2024-2263
Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-2262
Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users delete arbitrary filters via CSRF attack, granted they know the related filter slugs...
CVE-2024-2732
The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'themifypostslider shortcode in all versions up to, and including, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-30996
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...
CVE-2025-30996 Arbitrary File Upload Vulnerability in WordPress themes by Themify
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...
CVE-2025-30996 WordPress Themify Newsy <= 1.9.9 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Newsy newsy allows Upload a Web Shell to a Web Server.This issue affects Themify Newsy: from n/a through = 1.9.9...
CVE-2025-30996
CVE-2025-30996 concerns an Unrestricted Upload of File with Dangerous Type vulnerability in Themify WordPress themes/plugins, including Sidepane, Newsy, Folo, Edmin, Bloggie, Photobox, Wigi, Rezo and Slide. Red Hat and CIRCL entries confirm the issue affects Themify Sidepane, Newsy, Folo, Edmin, ...
CVE-2025-31048
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...
CVE-2025-31047
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...
WordPress多款产品 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL bas...
PT-2026-1513
Name of the Vulnerable Software and Affected Versions Themify Sidepane WordPress Theme versions n/a through 1.9.8 Themify Newsy versions n/a through 1.9.9 Themify Folo versions n/a through 1.9.6 Themify Edmin versions n/a through 2.0.0 Themify Bloggie versions n/a through 2.0.8 Themify Photobox...
CVE-2025-31047
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...
CVE-2025-31048
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...
CVE-2025-31048 WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...
CVE-2025-31048
CVE-2025-31048 affects WordPress plugin/theme Shopo (Themify Shopo) up to version 1.1.4, with an Unrestricted Upload of File with Dangerous Type vulnerability that can permit uploading a web shell to the server. The issue is described across multiple sources (NVD/Red Hat entries and Patchstack), ...
CVE-2025-31047 WordPress Themify Edmin theme <= 2.0.0 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...
CVE-2025-31047
CVE-2025-31047: Deserialization of untrusted data in Themify Edmin theme (
EUVD-2026-0878
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...
CVE-2025-31047 WordPress Themify Edmin theme <= 2.0.0 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...