Lucene search
K

494 matches found

RedhatCVE
RedhatCVE
added 2026/01/08 3:14 a.m.6 views

CVE-2025-30996

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

9.9CVSS8.4AI score0.00437EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.8 views

CVE-2024-2263

Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

4.8CVSS6.1AI score0.00402EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.9 views

CVE-2024-2262

Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users delete arbitrary filters via CSRF attack, granted they know the related filter slugs...

4.7CVSS6.9AI score0.00237EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:13 a.m.14 views

CVE-2024-2732

The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'themifypostslider shortcode in all versions up to, and including, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS5.8AI score0.00343EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 9:15 p.m.7 views

CVE-2025-30996

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

9.9CVSS0.00437EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/01/06 8:56 p.m.30 views

CVE-2025-30996 Arbitrary File Upload Vulnerability in WordPress themes by Themify

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

9.9CVSS0.00437EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/01/06 8:56 p.m.6 views

CVE-2025-30996 WordPress Themify Newsy <= 1.9.9 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Newsy newsy allows Upload a Web Shell to a Web Server.This issue affects Themify Newsy: from n/a through = 1.9.9...

9.9CVSS7.3AI score0.00437EPSS
Exploits0References1
CVE
CVE
added 2026/01/06 8:56 p.m.51 views

CVE-2025-30996

CVE-2025-30996 concerns an Unrestricted Upload of File with Dangerous Type vulnerability in Themify WordPress themes/plugins, including Sidepane, Newsy, Folo, Edmin, Bloggie, Photobox, Wigi, Rezo and Slide. Red Hat and CIRCL entries confirm the issue affects Themify Sidepane, Newsy, Folo, Edmin, ...

9.9CVSS8.4AI score0.00437EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/06 11:14 a.m.14 views

CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS4.6AI score0.00264EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/06 11:14 a.m.4 views

CVE-2025-31047

Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...

8.8CVSS5.2AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.5 views

WordPress多款产品 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL bas...

9.9CVSS7.9AI score0.00437EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.4 views

PT-2026-1513

Name of the Vulnerable Software and Affected Versions Themify Sidepane WordPress Theme versions n/a through 1.9.8 Themify Newsy versions n/a through 1.9.9 Themify Folo versions n/a through 1.9.6 Themify Edmin versions n/a through 2.0.0 Themify Bloggie versions n/a through 2.0.8 Themify Photobox...

9.9CVSS6.9AI score0.00437EPSS
Exploits0References16
NVD
NVD
added 2026/01/05 11:17 a.m.4 views

CVE-2025-31047

Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...

8.8CVSS0.00301EPSS
Exploits0References1
NVD
NVD
added 2026/01/05 11:17 a.m.5 views

CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/05 10:27 a.m.4 views

CVE-2025-31048 WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

9.9CVSS6.5AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/01/05 10:27 a.m.14 views

CVE-2025-31048

CVE-2025-31048 affects WordPress plugin/theme Shopo (Themify Shopo) up to version 1.1.4, with an Unrestricted Upload of File with Dangerous Type vulnerability that can permit uploading a web shell to the server. The issue is described across multiple sources (NVD/Red Hat entries and Patchstack), ...

9.9CVSS4.6AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/05 10:26 a.m.25 views

CVE-2025-31047 WordPress Themify Edmin theme <= 2.0.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...

8.8CVSS0.00301EPSS
Exploits0References1
CVE
CVE
added 2026/01/05 10:26 a.m.15 views

CVE-2025-31047

CVE-2025-31047: Deserialization of untrusted data in Themify Edmin theme (

8.8CVSS5.2AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/05 10:26 a.m.4 views

EUVD-2026-0878

Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...

8.8CVSS6.4AI score0.00301EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/05 10:26 a.m.5 views

CVE-2025-31047 WordPress Themify Edmin theme <= 2.0.0 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0...

8.8CVSS6.6AI score0.00301EPSS
Exploits0References1
Rows per page
Query Builder