Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

scriptsbundle — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting scriptsbundle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by scriptsbundle:AdForestDWT - Directory & Listing WordPress ThemeNokri – Job Board WordPress ThemeExertio FrameworkCarSpot – Dealership Wordpress Classified ThemeExertioNokriAdForest ElementorCarSpotBuyent
CVE IDTitleCVSSSeverityPublished
CVE-2025-13851 Buyent Theme (with Buyent Classified Plugin) <= 1.0.7 - Unauthenticated Privilege Escalation via User Registration — BuyentCWE-269 9.8 Critical2026-02-19
CVE-2026-1729 AdForest <= 6.0.12 - Authentication Bypass — AdForestCWE-306 9.8 Critical2026-02-12
CVE-2025-69317 WordPress CarSpot theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability — CarSpotCWE-79 7.1 High2026-01-22
CVE-2025-67946 WordPress AdForest theme <= 6.0.11 - Local File Inclusion vulnerability — AdForestCWE-98 9.1AICriticalAI2026-01-22
CVE-2025-67947 WordPress AdForest Elementor plugin <= 3.0.11 - Cross Site Scripting (XSS) vulnerability — AdForest ElementorCWE-79 6.1AIMediumAI2026-01-22
CVE-2025-67569 WordPress AdForest theme <= 6.0.11 - Broken Access Control vulnerability — AdForestCWE-862 8.1AIHighAI2025-12-09
CVE-2025-58259 WordPress Nokri Theme <= 1.6.4 - Cross Site Request Forgery (CSRF) Vulnerability — NokriCWE-352 7.1 High2025-09-22
CVE-2025-8359 AdForest <= 6.0.9 - Authentication Bypass to Admin — AdForestCWE-288 9.8 Critical2025-09-06
CVE-2025-49402 WordPress Exertio Framework Plugin <= 1.3.3 - SQL Injection Vulnerability — Exertio FrameworkCWE-89 8.5 High2025-08-28
CVE-2025-54686 WordPress Exertio Theme <= 1.3.2 - PHP Object Injection Vulnerability — ExertioCWE-502 9.8 Critical2025-08-14
CVE-2025-1313 Nokri - Job Board WordPress Theme <= 1.6.3 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover — Nokri – Job Board WordPress ThemeCWE-288 8.8 High2025-07-12
CVE-2024-12827 DWT - Directory & Listing WordPress Theme <= 3.3.6 - Unauthenticated Arbitrary User Password Reset — DWT - Directory & Listing WordPress ThemeCWE-620 9.8 Critical2025-06-27
CVE-2024-13373 Exertio Framework <= 1.3.1 - Unauthenticated Arbitrary User Password Update — Exertio FrameworkCWE-620 8.1 High2025-03-01
CVE-2024-12824 Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change — Nokri – Job Board WordPress ThemeCWE-620 9.8 Critical2025-03-01
CVE-2024-12860 CarSpot – Dealership Wordpress Classified Theme <= 2.4.3 - Unauthenticated Arbitrary Password Reset/Account Takeover — CarSpot – Dealership Wordpress Classified ThemeCWE-620 9.8 Critical2025-02-18
CVE-2025-0169 DWT - Directory & Listing WordPress Theme <=3.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — DWT - Directory & Listing WordPress ThemeCWE-79 6.4 Medium2025-02-08
CVE-2024-12857 AdForest <= 5.1.8 - Authentication Bypass — AdForestCWE-288 9.8 Critical2025-01-22
CVE-2025-0170 DWT - Directory & Listing WordPress Theme <= 3.3.3 - Reflected Cross-Site Scripting — DWT - Directory & Listing WordPress ThemeCWE-79 6.1 Medium2025-01-16
CVE-2024-12855 AdForest - Classified Ads WordPress Theme <= 5.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post/Attachment Deletion — AdForestCWE-862 4.3 Medium2025-01-08
CVE-2024-11350 AdForest <= 5.1.6 - Privilege Escalation via Password Reset/Account Takeover — AdForestCWE-640 9.8 Critical2025-01-08
CVE-2024-11349 AdForest <= 5.1.6 - Authentication Bypass — AdForestCWE-288 9.8 Critical2024-12-21

This page lists every published CVE security advisory associated with scriptsbundle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.