106 matches found
All Thrive Themes and Plugins - Unauthenticated Option Update
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...
Multiple Thrive Themes < 2.0.0 - Arbitrary File Upload
Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes WordPress theme before 2.0.0, FocusBlog by Thrive Themes WordPress theme before 2.0.0, Squared by...
EUVD-2026-37622
Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...
CVE-2026-49107
Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...
CVE-2026-49107 WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...
CVE-2026-49107
CVE-2026-49107 concerns unauthenticated PHP Object Injection in the WordPress Thrive Apprentice plugin for versions below 10.8.10.2. The vulnerability is described as an unauthenticated PHP Object Injection, affecting Thrive Apprentice, with a CVSS v3.1 base score of 9.8 (CRITICAL) and an attack ...
WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by dutafi in WordPress Plugin Thrive Apprentice versions 10.8.10.2...
VulnCheck KEV: CVE-2023-47783
Missing Authorization vulnerability in Thrive Themes Thrive Theme Builder.This issue affects Thrive Theme Builder: from n/a before 3.24.0...
CVE-2019-25325
Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...
CVE-2019-25325
Thrive Smart Home 1.1 is affected by an SQL injection in checklogin.php via the 'user' POST parameter, enabling unauthenticated attackers to bypass authentication and gain access. Root cause: improper input handling in login query. Impact per CVSS: high (C/H, I/L, A/N). No remediation details are...
CVE-2019-25325
Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...
CVE-2019-25325 Thrive Smart Home 1.1 - 'Smart Home' Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1 to manipulate login queries and gain...
Thrive Smart Home SQL注入漏洞
Thrive Smart Home is a smart home system developed by Thrive Corporation. Version 1.1 of Thrive Smart Home has a SQL injection vulnerability. This vulnerability stems from the user parameter in the checklogin.php endpoint, which may lead to authentication bypass...
CVE-2025-62899
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...
EUVD-2025-36039
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...
CVE-2025-62899
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...
PT-2025-43778
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive allows Stored XSS.This issue affects Photospace Responsive: from n/a through = 2.2.0...
EUVD-2021-11134
Malware in sbrugna...
EUVD-2023-51879
Malicious code in bioql PyPI...
EUVD-2023-56243
Malicious code in bioql PyPI...