Vulnerabilities in themeisle

98 results

CVE-2024-4635MEDIUMMenu Icons by ThemeIsle <= 0.13.13 - Authenticated (Author+) Stored Cross-Site Scripting via SVG UploadEPSS 0.4%CVE-2025-8289HIGHRedirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object Injection via PHAR DeserializationEPSS 0.4%CVE-2023-2608LOWMultiple Page Generator Plugin <= 3.3.17 - Cross-Site Request Forgery to SQL InjectionEPSS 0.4%CVE-2024-2226MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2023-6877MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Error MessageEPSS 0.4%CVE-2025-55715HIGHWordPress Otter - Gutenberg Block Plugin <= 3.1.0 - Sensitive Data Exposure VulnerabilityEPSS 0.3%CVE-2024-10367MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 3.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.3%CVE-2023-4887MEDIUMGoogle Maps Plugin by Intergeo <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%CVE-2024-35682MEDIUMWordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2024-3343MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block AttributesEPSS 0.3%CVE-2023-6805MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.4.7 - Authenticated(Contributor+) Blind Server-Side Request Forgery (SSRF)EPSS 0.3%CVE-2025-24666MEDIUMWordPress Hyve Lite plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-24668MEDIUMWordPress PPOM for WooCommerce plugin <= 33.0.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-2841MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.5 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-14800HIGHRedirection for Contact Form 7 <= 3.2.7 - Unauthenticated Arbitrary File Copy via move_file_to_uploadEPSS 0.3%CVE-2025-0311MEDIUMOrbit Fox by ThemeIsle <= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table WidgetEPSS 0.3%CVE-2025-58789HIGHWordPress WP Full Stripe Free Plugin <= 8.2.5 - SQL Injection VulnerabilityEPSS 0.3%CVE-2024-35728MEDIUMWordPress Product Addons & Fields for WooCommerce plugin <= 32.0.20 - Content Injection vulnerabilityEPSS 0.3%CVE-2024-10705MEDIUMMultiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrlEPSS 0.3%CVE-2023-7019MEDIUMLightStart – Maintenance Mode, Coming Soon and Landing Page Builder <= 2.6.8 - Missing AuthorizationEPSS 0.3%

← previouspage 3 / 5next →