WordPress Themify Newsy Theme <= 1.9.9 is vulnerable to Arbitrary File Upload

Software Themify Newsy Type Theme Vulnerable versions = 1.9.9 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-30996 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 81aeabc7a9a6 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...

WordPress Themify Newsy Theme <= 1.9.9 is vulnerable to Cross Site Scripting (XSS)

Software Themify Newsy Type Theme Vulnerable versions = 1.9.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-31013 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 46381da0b3db Credits Tran Nguyen Bao Khanh VCI - VNPT Cybe...