Browse all 6 CVE security advisories affecting Kriesi. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68900 | WordPress Enfold theme <= 7.1.3 - Cross Site Scripting (XSS) vulnerability — EnfoldCWE-79 | 6.1AI | MediumAI | 2026-01-22 |
| CVE-2025-66053 | WordPress Enfold theme <= 7.1.2 - Cross Site Scripting (XSS) vulnerability — EnfoldCWE-79 | 5.4 | - | 2025-11-21 |
| CVE-2024-13695 | Enfold <= 6.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery via attachment_id — Enfold - Responsive Multi-Purpose ThemeCWE-918 | 6.4 | Medium | 2025-02-25 |
| CVE-2024-13693 | Enfold <= 6.0.9 - Missing Authorization to Sensitive Information Disclosure in avia-export-class.php — Enfold - Responsive Multi-Purpose ThemeCWE-284 | 5.3 | Medium | 2025-02-25 |
| CVE-2024-5061 | Enfold <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wrapper_class and class Parameters — Enfold - Responsive Multi-Purpose ThemeCWE-79 | 6.4 | Medium | 2024-08-30 |
| CVE-2023-38400 | WordPress Enfold Theme <= 5.6.4 is vulnerable to Cross Site Scripting (XSS) — Enfold - Responsive Multi-Purpose ThemeCWE-79 | 7.1 | High | 2023-11-30 |
This page lists every published CVE security advisory associated with Kriesi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.