CVE-2024-56216 WordPress Themify Builder plugin <= 7.6.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themify Themify Builder allows PHP Local File Inclusion.This issue affects Themify Builder: from n/a through 7.6.3...

WordPress Themify Builder Plugin <= 7.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Themify Builder Type Plugin Vulnerable versions = 7.6.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52423 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f592b7b1efcd Credits João Pedro S Alcântara Kinorth Required...

WordPress Themify Builder Plugin <= 7.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Themify Builder Type Plugin Vulnerable versions = 7.6.2 Fixed in 7.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9385 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2ab445f01cba Credits Colin Xu Required...

WordPress Themify Builder Plugin <= 7.6.1 is vulnerable to Broken Access Control

Software Themify Builder Type Plugin Vulnerable versions = 7.6.1 Fixed in 7.6.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7836 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bd6e0e69059b Credits Peter Thaleikis Required...

WordPress Themify Builder Plugin < 7.5.8 is vulnerable to Open Redirection

Software Themify Builder Type Plugin Vulnerable versions 7.5.8 Fixed in 7.5.8 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2024-3032 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 72a5598c790a Credits Valentin LOBSTEIN Required privilege...