Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ThrivethemesSquared

2 matches found

CVE
CVEadded 2021/04/12 2:3 p.m.65 views

CVE-2021-24220

CVE-2021-24220 is tied to Thrive Themes Legacy plugins/themes (up to 2.0.0) that expose a REST endpoint (kraken) used to compress images. The flaw arises when crafted requests, combined with data inserted via an Option Update vulnerability, allow remote retrieval of code from a URL and writing fi...

9.1CVSS9.2AI score0.03946EPSS
Web
CVE
CVEadded 2021/04/12 2:2 p.m.57 views

CVE-2021-24219

The CVE-2021-24219 entry concerns a REST API endpoint in Thrive Themes plugins/themes (e.g., Thrive Optimize and related plugins, and several Thrive Themes themes) that was intended to require an API key for access but could be reached with an empty api_key parameter when Zapier was not enabled. ...

5.3CVSS5.2AI score0.02076EPSS
Web