CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

102 matches found

Multiple Thrive Themes < 2.0.0 - Arbitrary File Upload

Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by...

9.1CVSS7.8AI score0.6379EPSS

Exploits2References2

Nuclei•added 2 days ago•11 views

All Thrive Themes and Plugins - Unauthenticated Option Update

The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...

5.3CVSS6AI score0.16356EPSS

Exploits2References2

Patchstack•added 4 days ago•4 views

WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by dutafi in WordPress Plugin Thrive Apprentice versions 10.8.10.2...

5.5AI score

Exploits0Affected Software1

VulnCheck KEV•added 2026/05/04 12:0 a.m.•6 views

VulnCheck KEV: CVE-2023-47783

Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.3CVSS7.3AI score0.00205EPSS

In wildExploits0References2

NVD•added 2026/02/12 11:16 p.m.•2 views

CVE-2019-25325

Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...

8.8CVSS0.00468EPSS

Exploits0References6

Vulnrichment•added 2026/02/12 10:48 p.m.•3 views

CVE-2019-25325 Thrive Smart Home 1.1 - 'Smart Home' Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

8.8CVSS5.9AI score0.00468EPSS

Exploits0References6

ATTACKERKB•added 2026/02/12 10:48 p.m.•1 views

CVE-2019-25325

8.8CVSS5.9AI score0.00468EPSS

Exploits0References4Affected Software1

CVE•added 2026/02/12 10:48 p.m.•5 views

CVE-2019-25325

Thrive Smart Home 1.1 is affected by an SQL injection in checklogin.php via the 'user' POST parameter, enabling unauthenticated attackers to bypass authentication and gain access. Root cause: improper input handling in login query. Impact per CVSS: high (C/H, I/L, A/N). No remediation details are...

8.8CVSS5.9AI score0.00468EPSS

Exploits0References6

CNNVD•added 2026/02/12 12:0 a.m.•2 views

Thrive Smart Home SQL注入漏洞

Thrive Smart Home is a smart home system developed by Thrive Corporation. Version 1.1 of Thrive Smart Home has a SQL injection vulnerability. This vulnerability stems from the user parameter in the checklogin.php endpoint, which may lead to authentication bypass...

8.8CVSS5.8AI score0.00468EPSS

Exploits0References6

RedhatCVE•added 2025/10/28 1:34 a.m.•3 views

CVE-2025-62899

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...

5.9CVSS6AI score0.00027EPSS

Exploits0References1