| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-7836 | Themify Builder <= 7.6.1 - Missing Authorization to Authenticated (Contributor+) Post Duplication | themifyme | Themify Builder | Medium | 4.3 | 2024-08-22 02:02:03 | Deep Dive |
| CVE-2024-43133 | WordPress Themify Shortcodes plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability | Themify | Themify Shortcodes | Medium | 6.5 | 2024-08-12 22:28:09 | Deep Dive |
| CVE-2024-6027 | Themify - WooCommerce Product Filter <= 1.4.9 - Unauthenticated SQL Injection via conditions Parameter | themifyme | Themify – WooCommerce Product Filter | Critical | 9.8 | 2024-06-21 09:39:38 | Deep Dive |
| CVE-2023-46146 | WordPress Themify Ultra theme <= 7.3.5 - Multiple Broken Access Control vulnerability | Themify | Themify Ultra | High | 8.3 | 2024-06-19 11:15:06 | Deep Dive |
| CVE-2023-46148 | WordPress Themify Ultra theme <= 7.3.5 - Authenticated Arbitrary Settings Change vulnerability | Themify | Themify Ultra | High | 8.8 | 2024-06-19 11:13:30 | Deep Dive |
| CVE-2024-3032 | Themify Builder < 7.5.8 - Open Redirect | Unknown | Themify Builder | - | - | 2024-06-13 06:00:03 | Deep Dive |
| CVE-2023-46145 | WordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerability | Themify | Themify Ultra | High | 8.8 | 2024-05-17 08:32:44 | Deep Dive |
| CVE-2024-4567 | Themify Shortcodes <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode | themifyme | Themify Shortcodes | Medium | 6.4 | 2024-05-09 20:03:38 | Deep Dive |
| CVE-2024-31366 | WordPress Post Type Builder (PTB) plugin <= 2.0.8 - Auth. Arbitrary Post/Page Creation vulnerability | Themify | Post Type Builder (PTB) | High | 7.1 | 2024-04-09 07:23:00 | Deep Dive |
| CVE-2024-31365 | WordPress Post Type Builder (PTB) plugin < 2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability | Themify | Post Type Builder (PTB) | High | 7.1 | 2024-04-09 07:14:26 | Deep Dive |
| CVE-2024-2278 | WooCommerce Product Filter < 1.4.4 - Admin+ Stored XSS | Unknown | Themify | 中危 | - | 2024-04-01 05:00:02 | Deep Dive |
| CVE-2024-2263 | WooCommerce Product Filter < 1.4.4 - Reflected XSS | Unknown | Themify | 高危 | - | 2024-04-01 05:00:02 | Deep Dive |
| CVE-2024-2262 | WooCommerce Product Filter < 1.4.4 - Filter Deletion via CSRF | Unknown | Themify | 低危 | - | 2024-04-01 05:00:02 | Deep Dive |
| CVE-2024-30440 | WordPress Themify Event Post plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | Themify | Themify Event Post | Medium | 5.9 | 2024-03-29 17:17:12 | Deep Dive |
| CVE-2024-2732 | Themify Shortcodes <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | themifyme | Themify Shortcodes | Medium | 5.4 | 2024-03-26 01:58:55 | Deep Dive |
| CVE-2024-24872 | WordPress Themify Builder Plugin <= 7.0.5 is vulnerable to Cross Site Request Forgery (CSRF) | Themify | Themify Builder | Medium | 4.3 | 2024-02-21 06:57:31 | Deep Dive |
| CVE-2023-51693 | WordPress Themify Icons Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) | Themify Icons | Themify Icons | Medium | 6.5 | 2024-02-01 11:02:26 | Deep Dive |
| CVE-2023-46149 | WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload | Themify | Themify Ultra | Critical | 9.9 | 2023-12-20 18:33:09 | Deep Dive |
| CVE-2023-46147 | WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to PHP Object Injection | Themify | Themify Ultra | High | 7.4 | 2023-12-20 13:37:17 | Deep Dive |
| CVE-2022-32970 | WordPress Themify Portfolio Post Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) | Themify | Themify Portfolio Post | Medium | 4.1 | 2023-05-10 08:56:39 | Deep Dive |