Formula Security Vulnerabilities and Issues — Formula CVE List

Lucene search

AwplifeFormula

2 matches found

CVE•added 2024/06/08 6:15 a.m.•37 views

CVE-2024-5613

The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'quality_customizer_notify_dismiss_action' AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it possible for una...

6.1CVSS6.3AI score0.00948EPSS

CVE•added 2024/06/08 6:15 a.m.•36 views

CVE-2024-5638

The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'ti_customizer_notify_dismiss_recommended_plugins' AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS6.3AI score0.01343EPSS