Search
Search Results (12 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58192 | 3 Wordpress, Xylus Themes, Xylusthemes | 3 Wordpress, Wp Bulk Delete, Wp Bulk Delete | 2026-04-01 | 5.4 Medium |
| Missing Authorization vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bulk Delete: from n/a through <= 1.3.6. | ||||
| CVE-2025-48256 | 1 Xylusthemes | 1 Import Social Events | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events import-facebook-events allows Stored XSS.This issue affects Import Social Events: from n/a through <= 1.8.5. | ||||
| CVE-2025-47531 | 1 Xylusthemes | 1 Xt Event Widget For Social Events | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes XT Event Widget for Social Events xt-facebook-events allows PHP Local File Inclusion.This issue affects XT Event Widget for Social Events: from n/a through <= 1.1.7. | ||||
| CVE-2025-47453 | 1 Xylusthemes | 1 Wp Smart Import | 2026-04-01 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through <= 1.1.3. | ||||
| CVE-2025-24700 | 1 Xylusthemes | 1 Wp Event Aggregator | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator wp-event-aggregator allows Reflected XSS.This issue affects WP Event Aggregator: from n/a through <= 1.8.2. | ||||
| CVE-2024-47352 | 1 Xylusthemes | 1 Wp Bulk Delete | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WP Bulk Delete wp-bulk-delete allows Stored XSS.This issue affects WP Bulk Delete: from n/a through <= 1.3.1. | ||||
| CVE-2024-32597 | 1 Xylusthemes | 1 Wp Smart Import | 2026-01-13 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7. | ||||
| CVE-2024-38703 | 2 Wordpress, Xylusthemes | 2 Wordpress, Wp Event Aggregator | 2026-01-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9. | ||||
| CVE-2024-30201 | 1 Xylusthemes | 1 Wp Smart Import | 2026-01-08 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4. | ||||
| CVE-2024-31371 | 2 Wordpress, Xylusthemes | 2 Wordpress, Wp Event Aggregator | 2026-01-07 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6. | ||||
| CVE-2022-40209 | 1 Xylusthemes | 1 Wp Smart Import | 2024-11-21 | 6.1 Medium |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress. | ||||
| CVE-2020-24147 | 1 Xylusthemes | 1 Wp Smart Import | 2024-11-21 | 9.1 Critical |
| Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field. | ||||
Page 1 of 1.