Enfold - Responsive Multi-Purpose Theme — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in Enfold - Responsive Multi-Purpose Theme, with AI-generated Chinese analysis, references, and POCs.

Vendor: Kriesi

CVE ID	Title	CVSS	Severity	Published
CVE-2024-13695	Enfold <= 6.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery via attachment_id CWE-918	6.4	Medium	2025-02-25
CVE-2024-13693	Enfold <= 6.0.9 - Missing Authorization to Sensitive Information Disclosure in avia-export-class.php CWE-284	5.3	Medium	2025-02-25
CVE-2024-5061	Enfold <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wrapper_class and class Parameters CWE-79	6.4	Medium	2024-08-30
CVE-2023-38400	WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS) CWE-79	7.1	High	2023-11-30

All 4 known CVE vulnerabilities affecting Enfold - Responsive Multi-Purpose Theme with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

Enfold - Responsive Multi-Purpose Theme — Vulnerabilities & Security Advisories 4