CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002 WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002 WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

CVE-2025-54002: WordPress xSmart theme

CVE-2025-50007 WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

CVE-2025-50007 is an Incorrect Privilege Assignment vulnerability in the WordPress theme xSmart (Jthemes) affecting versions up to and including 1.2.9.4. Red Hat and NVD entries, mirrored by CVE lists (CVE-2025-50007) and the PatchStack advisory, describe it as a Privilege Escalation risk. The ro...

CVE-2025-50007 WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006 WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006 WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

CVE-2025-50006 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress theme/collection item Jthemes xSmart (xsmart) , affecting versions up to and including 1.2.9.4 . The issue arises from improper handling/neutralization of user-supplied input during web page generation, enabli...

PT-2026-3983

Name of the Vulnerable Software and Affected Versions Jthemes xSmart versions through 1.2.9.4 Description An incorrect privilege assignment exists in Jthemes xSmart, potentially allowing privilege escalation. Recommendations Update Jthemes xSmart to a version later than 1.2.9.4...

WordPress plugin xSmart has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...