Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

uxper — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting uxper. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by uxper:GoloTogoNussSalaCivi - Job Board & Freelance Marketplace WordPress ThemeGolo - City Travel Guide WordPress ThemeUxper BookingCivi FrameworkSala - Startup & SaaS WordPress Theme
CVE IDTitleCVSSSeverityPublished
CVE-2026-27051 WordPress Golo theme <= 1.7.0 - Privilege Escalation vulnerability — GoloCWE-266 9.8 Critical2026-03-25
CVE-2026-23973 WordPress Golo theme < 1.7.5 - Reflected Cross Site Scripting (XSS) vulnerability — GoloCWE-79 7.1 High2026-03-25
CVE-2026-23975 WordPress Golo theme < 1.7.5 - Local File Inclusion vulnerability — GoloCWE-98 7.5 High2026-01-22
CVE-2026-23974 WordPress Golo theme < 1.7.5 - Broken Access Control vulnerability — GoloCWE-862 5.3 Medium2026-01-22
CVE-2025-52739 WordPress Sala theme <= 1.1.3 - Cross Site Scripting (XSS) vulnerability — SalaCWE-79 7.1 High2025-12-31
CVE-2025-62037 WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability — TogoCWE-862 6.5 Medium2025-11-06
CVE-2025-62036 WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability — TogoCWE-79 6.1 -2025-11-06
CVE-2025-62034 WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability — TogoCWE-266 9.8 -2025-11-06
CVE-2025-62035 WordPress Togo theme < 1.0.4 - PHP Object Injection vulnerability — TogoCWE-502 9.8 -2025-11-06
CVE-2025-62033 WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability — TogoCWE-862 6.5 Medium2025-11-06
CVE-2025-54709 WordPress Sala Theme <= 1.1.6 - Local File Inclusion Vulnerability — SalaCWE-98 8.1 High2025-09-09
CVE-2025-54725 WordPress Golo Theme <= 1.7.0 - Broken Authentication Vulnerability — GoloCWE-288 9.8 Critical2025-08-28
CVE-2025-54724 WordPress Golo Theme <= 1.7.1 - Cross Site Scripting (XSS) Vulnerability — GoloCWE-79 7.1 High2025-08-28
CVE-2025-49891 WordPress Uxper Booking Plugin <= 1.3.3 - SQL Injection Vulnerability — Uxper BookingCWE-89 8.5 High2025-08-20
CVE-2025-49893 WordPress Nuss Theme <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability — NussCWE-79 7.1 High2025-08-20
CVE-2025-49892 WordPress Uxper Booking Plugin <= 1.3.3 - Local File Inclusion Vulnerability — Uxper BookingCWE-98 8.1 High2025-08-20
CVE-2025-49894 WordPress Nuss Theme <= 1.3.3 - Local File Inclusion Vulnerability — NussCWE-98 8.1 High2025-08-20
CVE-2025-52803 WordPress Sala theme <= 1.1.3 - Broken Access Control Vulnerability — SalaCWE-862 7.5 High2025-07-16
CVE-2025-52804 WordPress Nuss theme <= 1.3.7.1 - Broken Access Control Vulnerability — NussCWE-862 7.5 High2025-07-16
CVE-2025-4606 Sala - Startup & SaaS WordPress Theme <= 1.1.4 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover — Sala - Startup & SaaS WordPress ThemeCWE-620 9.8 Critical2025-07-09
CVE-2025-52826 WordPress Sala theme <= 1.1.3 - PHP Object Injection Vulnerability — SalaCWE-502 8.8 High2025-06-27
CVE-2025-52827 WordPress Nuss theme <= 1.3.3 - PHP Object Injection Vulnerability — NussCWE-502 8.8 High2025-06-27
CVE-2025-49511 WordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerability — Civi FrameworkCWE-352 7.1 High2025-06-10
CVE-2025-4797 Golo <= 1.7.0 - Authentication Bypass to Account Takeover — Golo - City Travel Guide WordPress ThemeCWE-288 9.8 Critical2025-06-03
CVE-2024-13773 Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.4 - Sensitive Information Exposure — Civi - Job Board & Freelance Marketplace WordPress ThemeCWE-321 7.3 High2025-03-14
CVE-2024-13772 Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.6.1 - Authentication Bypass — Civi - Job Board & Freelance Marketplace WordPress ThemeCWE-288 5.6 Medium2025-03-14
CVE-2024-13771 Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.4 - Authentication Bypass via Password Update — Civi - Job Board & Freelance Marketplace WordPress ThemeCWE-288 9.8 Critical2025-03-14
CVE-2024-12876 Golo - Directory & Listing, Travel WordPress Theme <= 1.6.10 - Missing Authorization to Privilege Escalation via Unauthenticated Arbitrary User Password Change — Golo - City Travel Guide WordPress ThemeCWE-862 9.8 Critical2025-03-07

This page lists every published CVE security advisory associated with uxper. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.