Lucene search
K

106 matches found

Nuclei
Nuclei
added yesterday15 views

All Thrive Themes and Plugins - Unauthenticated Option Update

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...

5.3CVSS6.2AI score0.02076EPSS
Exploits2References2
Nuclei
Nuclei
added 3 days ago12 views

Multiple Thrive Themes < 2.0.0 - Arbitrary File Upload

Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by...

9.1CVSS7.3AI score0.03946EPSS
Exploits2References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37622

Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...

9.8CVSS5.4AI score0.00375EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-49107

Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...

9.8CVSS0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.27 views

CVE-2026-49107 WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...

9.8CVSS0.00375EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:51 a.m.14 views

CVE-2026-49107

CVE-2026-49107 concerns unauthenticated PHP Object Injection in the WordPress Thrive Apprentice plugin for versions below 10.8.10.2. The vulnerability is described as an unauthenticated PHP Object Injection, affecting Thrive Apprentice, with a CVSS v3.1 base score of 9.8 (CRITICAL) and an attack ...

9.8CVSS5.3AI score0.00375EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/04 2:55 p.m.7 views

WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by dutafi in WordPress Plugin Thrive Apprentice versions 10.8.10.2...

9.8CVSS5.5AI score0.00375EPSS
Exploits0Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.9 views

VulnCheck KEV: CVE-2023-47783

Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.3CVSS7.3AI score0.00356EPSS
In wildExploits0References2
NVD
NVD
added 2026/02/12 11:16 p.m.5 views

CVE-2019-25325

Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...

8.8CVSS0.00329EPSS
Exploits0References6
CVE
CVE
added 2026/02/12 10:48 p.m.7 views

CVE-2019-25325

Thrive Smart Home 1.1 is affected by an SQL injection in checklogin.php via the 'user' POST parameter, enabling unauthenticated attackers to bypass authentication and gain access. Root cause: improper input handling in login query. Impact per CVSS: high (C/H, I/L, A/N). No remediation details are...

8.8CVSS5.9AI score0.00329EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/12 10:48 p.m.2 views

CVE-2019-25325

Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...

8.8CVSS5.9AI score0.00329EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/12 10:48 p.m.3 views

CVE-2019-25325 Thrive Smart Home 1.1 - 'Smart Home' Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...

8.8CVSS5.9AI score0.00329EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.5 views

Thrive Smart Home SQL注入漏洞

Thrive Smart Home is a smart home system developed by Thrive Corporation. Version 1.1 of Thrive Smart Home has a SQL injection vulnerability. This vulnerability stems from the user parameter in the checklogin.php endpoint, which may lead to authentication bypass...

8.8CVSS5.8AI score0.00329EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/10/28 1:34 a.m.5 views

CVE-2025-62899

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...

5.9CVSS6AI score0.00205EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/27 3:30 a.m.4 views

EUVD-2025-36039

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...

5.5AI score0.00205EPSS
Exploits0References2
NVD
NVD
added 2025/10/27 2:15 a.m.3 views

CVE-2025-62899

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...

5.9CVSS0.00205EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43778

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...

5.4CVSS6AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11134

Malware in sbrugna...

9.1CVSS9AI score0.03946EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-51879

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00304EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-56243

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00234EPSS
Exploits0References1
Rows per page
Query Builder