| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-1326 | Homey - Booking and Rentals WordPress Theme <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Reservation & Post Deletion | Fave Themes | Homey | Medium | 4.3 | 2025-05-02 03:21:21 | Deep Dive |
| CVE-2025-1327 | Homey - Booking and Rentals WordPress Theme <= 2.4.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion | Fave Themes | Homey | Medium | 4.3 | 2025-05-02 03:21:19 | Deep Dive |
| CVE-2025-0748 | Homey <= 2.4.3 - Cross-Site Request Forgery to User Verification | Fave Themes | Homey | Medium | 4.3 | 2025-03-07 01:44:54 | Deep Dive |
| CVE-2025-0749 | Homey <= 2.4.3 - Limited Authentication Bypass due to Missing Empty Value Check | Fave Themes | Homey | High | 8.1 | 2025-03-07 01:44:54 | Deep Dive |
| CVE-2024-11951 | Homey Login Register <= 2.4.0 - Unauthenticated Privilege Escalation in homey_register | Fave Themes | Homey Login Register | Critical | 9.8 | 2025-03-05 11:22:10 | Deep Dive |
| CVE-2024-12281 | Homey <= 2.4.2 - Unauthenticated Privilege Escalation in homey_save_profile | Fave Themes | Homey | Critical | 9.8 | 2025-03-05 11:22:10 | Deep Dive |