Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Shortcodes and extra features for Phlox theme — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in Shortcodes and extra features for Phlox theme, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2025-12379 Shortcodes and extra features for Phlox theme <= 2.17.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading Widget CWE-79 6.4 Medium2026-01-10
CVE-2025-13215 Shortcodes and extra features for Phlox theme <= 2.17.13 - Unauthenticated Draft Posts Information Exposure CWE-200 5.3 Medium2026-01-06
CVE-2025-69016 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerability CWE-862 8.1 -2025-12-30
CVE-2025-63071 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Sensitive Data Exposure vulnerability CWE-201 7.5AIHighAI2025-12-09
CVE-2024-50500 WordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerability CWE-862 4.3 Medium2025-02-03
CVE-2024-12588 Shortcodes and extra features for Phlox theme <= 2.17.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Staff Widget CWE-79 6.4 Medium2024-12-21
CVE-2024-9545 Shortcodes and extra features for Phlox theme <= 2.17.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via aux_contact_box and aux_gmaps Shortcodes CWE-79 6.4 Medium2024-12-21
CVE-2024-8486 Shortcodes and extra features for Phlox theme <= 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading and Icon Picker Widgets CWE-79 6.4 Medium2024-10-05
CVE-2023-37888 WordPress Phlox Core Elements plugin <= 2.14.0 - Unauthenticated Local File Inclusion vulnerability CWE-22 7.6 High2024-05-17
CVE-2023-7064 Shortcodes and extra features for Phlox theme <= 2.17.5 - Authenticated (Subscriber+) PHP Object Injection via auxin_template_control_importer CWE-502 7.5 High2024-05-02
CVE-2024-3517 Shortcodes and extra features for Phlox theme <= 2.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Widget CWE-79 6.4 Medium2024-05-02
CVE-2024-1533 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-02
CVE-2024-1396 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' CWE-79 6.4 Medium2024-05-02
CVE-2024-3341 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode CWE-79 6.4 Medium2024-05-02
CVE-2024-1348 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS CWE-79 6.4 Medium2024-05-02
CVE-2024-1357 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode CWE-79 6.4 Medium2024-04-16
CVE-2024-31099 WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability CWE-862 6.4 Medium2024-04-01
CVE-2023-50368 WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) CWE-79 6.5 Medium2023-12-14
CVE-2022-3359 Shortcodes and extra features for Phlox theme < 2.10.7 - PHP Objection Injection 8.8 -2022-12-12
CVE-2022-1910 Shortcodes and extra features for Phlox theme < 2.9.8 - Reflected Cross-Site-Scripting CWE-79 6.1 -2022-07-11

All 20 known CVE vulnerabilities affecting Shortcodes and extra features for Phlox theme with full Chinese analysis, references, and POCs where available.