Vulnerabilidades em themeisle
97 resultadosCVE-2024-1323MEDIUMOrbit Fox by ThemeIsle <= 2.10.30 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-10672LOWMultiple Page Generator Plugin – MPG <= 4.0.2 - Authenticated (Editor+) Directory Traversal to Limited File DeletionEPSS 0.5%CVE-2025-8145HIGHRedirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2024-13183MEDIUMOrbit Fox by ThemeIsle <= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag ParameterEPSS 0.5%CVE-2024-51671LOWWordPress Otter Blocks plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-47325HIGHWordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.7 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-1092MEDIUMRSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.4.1 - Missing AuthorizationEPSS 0.4%CVE-2024-27958HIGHWordPress Visualizer plugin <= 3.10.5 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-35736HIGHWordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerabilityEPSS 0.4%CVE-2025-11691HIGHPPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated SQL InjectionEPSS 0.4%CVE-2024-30235MEDIUMWordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-4974MEDIUMFreemius SDK <= 2.4.2 - Missing Authorization ChecksEPSS 0.4%CVE-2024-2126MEDIUMOrbit Fox by ThemeIsle <= 2.10.32 - Authenticated (Contributor+) Stored Cross-Site Scripiting via Registration Form WidgetEPSS 0.4%CVE-2024-3725MEDIUMOtter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titleTag'EPSS 0.4%CVE-2023-23708MEDIUMWordPress Visualizer Plugin <= 3.9.4 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-6781MEDIUMOrbit Fox Companion <= 2.10.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via custom fieldsEPSS 0.4%CVE-2020-36758MEDIUMRSS Aggregator by Feedzy <= 3.4.2 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2020-36759MEDIUMWoody code snippets <= 2.3.9 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2026-42378MEDIUMWordPress WP Full Stripe Free plugin <= 8.4.1 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2024-2484MEDIUMOrbit Fox by ThemeIsle <= 2.10.34 - Authenticated (Contributor+) Stored Cross-Site Scripting via Services and Post Type Grid WidgetsEPSS 0.4%