4 matches found
CVE-2025-23987
CVE-2025-23987: DOM-based XSS in WordPress Designer plugin (CodegearThemes Designer) affecting Designer versions up to 1.6.0. Public records (NVD/Red Hat) reiterate the same description. Patchstack entry indicates mitigation via a fix in 1.6.4 (and later). Recommendation: upgrade to 1.6.4 or newe...
CVE-2025-23987 WordPress Designer plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codegearthemes Designer designer allows DOM-Based XSS.This issue affects Designer: from n/a through = 1.6.4...
CVE-2024-54225 WordPress Designer plugin <= 1.4.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in codegearthemes Designer designer allows PHP Local File Inclusion.This issue affects Designer: from n/a through = 1.4.1...
WordPress Designer plugin <= 1.4.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Designer versions = 1.4.1...