Vulnerabilidades en Themeisle
98 resultadosCVE-2026-8689MEDIUMVisualizer: Tables and Charts Manager for WordPress <= 3.11.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Chart Creation and Modification via renderChartPages() and uploadData() FunctionsEPSS 0.2%CVE-2026-23970HIGHWordPress Redirection for Contact Form 7 plugin <= 3.2.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-1162MEDIUMOrbit Fox by ThemeIsle <= 2.10.29 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-11467MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 5.1.1 - Unauthenticated Blind Server-Side Request ForgeryEPSS 0.2%CVE-2024-31301MEDIUMWordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1319MEDIUMRobin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text FieldEPSS 0.2%CVE-2026-11358MEDIUMOrbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More <= 3.0.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu-item-icon' ParameterEPSS 0.2%CVE-2025-12045MEDIUMOrbit Fox Companion <= 3.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Post TaxonomyEPSS 0.2%CVE-2026-56050MEDIUMWordPress PPOM for WooCommerce plugin <= 33.0.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66069MEDIUMWordPress PPOM for WooCommerce plugin <= 33.0.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58593MEDIUMWordPress Orbit Fox by ThemeIsle Plugin <= 3.0.0 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2024-52420MEDIUMWordPress Disable Admin Notices individually plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37467MEDIUMWordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1755MEDIUMMenu Icons by ThemeIsle <= 0.13.20 - Authenticated (Author+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-39507HIGHWordPress Social Slider Feed plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-24573MEDIUMWordPress Visualizer plugin < 4.0.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-53254MEDIUMWordPress Cyrlitera plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-2410MEDIUMDisable Admin Notices – Hide Dashboard Notifications <= 1.4.2 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%