Lucene search
K
ThemifyUltra

5 matches found

CVE
CVE
added 2024/06/19 11:13 a.m.67 views

CVE-2023-46148

CVE-2023-46148 – Themify Ultra (WordPress Theme) \n\nTechnical details from the provided sources indicate a Missing Authorization vulnerability in Themify Ultra (affecting versions up to 7.3.5). The root cause is insufficient access control that allows an authenticated user with subscriber-level ...

8.8CVSS8.8AI score0.00444EPSS
CVE
CVE
added 2023/12/20 6:33 p.m.66 views

CVE-2023-46149

CVE-2023-46149 affects Themify Ultra (WordPress Theme) and is caused by an Unrestricted Upload of File with Dangerous Type in Themify Ultra, impacting versions up to 7.3.5. The vulnerability enables arbitrary file upload, which could lead to remote code execution or full site compromise given an ...

9.9CVSS8.5AI score0.00584EPSS
CVE
CVE
added 2024/06/19 11:15 a.m.65 views

CVE-2023-46146

CVE-2023-46146 relates to Themify Themify Ultra (Theme) with versions up to 7.3.5, where a Missing Authorization/Broken Access Control vulnerability could allow unauthorized access. Public sources indicate the issue affects Themify Ultra through 7.3.5 and that Patchstack lists the fixed version a...

8.8CVSS8.5AI score0.00364EPSS
CVE
CVE
added 2024/05/17 8:32 a.m.59 views

CVE-2023-46145

CVE-2023-46145 is an authenticated privilege escalation in the WordPress theme Themify Ultra. The vulnerability arises from improper privilege management in Themify Ultra versions up to and including 7.3.5, enabling a subscriber-level attacker to escalate privileges. The issue is actively documen...

8.8CVSS6.8AI score0.00566EPSS
CVE
CVE
added 2023/12/20 1:37 p.m.37 views

CVE-2023-46147

CVE-2023-46147 affects Themify Ultra (WordPress theme) up to version 7.3.5. Root cause: deserialization of untrusted data leading to PHP Object Injection. Impact is described as High (C/H/I/H). Patch/mitigation: upgrade to Themify Ultra 7.3.6 or later; Patchstack also notes the fix in 7.3.6. Expl...

8.8CVSS8.5AI score0.00493EPSS