CVE-2025-54002 WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-54002

CVE-2025-54002: WordPress xSmart theme

CVE-2025-54002 WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jthemes xSmart xsmart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007 WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50007

CVE-2025-50007 is an Incorrect Privilege Assignment vulnerability in the WordPress theme xSmart (Jthemes) affecting versions up to and including 1.2.9.4. Red Hat and NVD entries, mirrored by CVE lists (CVE-2025-50007) and the PatchStack advisory, describe it as a Privilege Escalation risk. The ro...

CVE-2025-50006 WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-50006

CVE-2025-50006 is a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress theme/collection item Jthemes xSmart (xsmart) , affecting versions up to and including 1.2.9.4 . The issue arises from improper handling/neutralization of user-supplied input during web page generation, enabli...

CVE-2025-50006 WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes xSmart xsmart allows Reflected XSS.This issue affects xSmart: from n/a through = 1.2.9.4...

WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...

WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...

WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...

CVE-2025-62936

CVE-2025-62936 concerns WordPress theme/plugin xSmart (WordPress Theme: xSmart) with versions up to and including 1.2.9.4. The issue is Improper Neutralization of Script-Related HTML Tags in a Web Page, i.e., a Basic XSS vulnerability that can enable Code Injection. The vulnerability affects the ...

CVE-2025-62936 WordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

CVE-2025-62936 WordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

WordPress xSmart theme <= 1.2.9.4 - Content Injection vulnerability

Content Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...