| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-68900 | WordPress Enfold theme <= 7.1.3 - Cross Site Scripting (XSS) vulnerability | Kriesi | Enfold | - | - | 2026-01-22 16:52:13 | Deep Dive |
| CVE-2025-66053 | WordPress Enfold theme <= 7.1.2 - Cross Site Scripting (XSS) vulnerability | Kriesi | Enfold | 中危 | - | 2025-11-21 12:29:53 | Deep Dive |
| CVE-2024-13695 | Enfold <= 6.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery via attachment_id | Kriesi | Enfold - Responsive Multi-Purpose Theme | Medium | 6.4 | 2025-02-25 09:21:34 | Deep Dive |
| CVE-2024-13693 | Enfold <= 6.0.9 - Missing Authorization to Sensitive Information Disclosure in avia-export-class.php | Kriesi | Enfold - Responsive Multi-Purpose Theme | Medium | 5.3 | 2025-02-25 09:21:33 | Deep Dive |
| CVE-2024-5061 | Enfold <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wrapper_class and class Parameters | Kriesi | Enfold - Responsive Multi-Purpose Theme | Medium | 6.4 | 2024-08-30 03:24:15 | Deep Dive |
| CVE-2024-37199 | WordPress Enfold theme <= 5.6.9 - Reflected Cross Site Scripting (XSS) vulnerability | Kriesi.at | Enfold | High | 7.1 | 2024-07-22 09:33:23 | Deep Dive |
| CVE-2023-38400 | WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS) | Kriesi | Enfold - Responsive Multi-Purpose Theme | High | 7.1 | 2023-11-30 16:57:17 | Deep Dive |