Famethemes Onepress
4 CVEs affecting Famethemes Onepress. Latest disclosed: 2025-11-20. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-5092 | Medium | 6.4 | 2025-11-20 | Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library (<= 2.8.3) in various… |
CVE-2024-38739 | Medium | 5.1 | 2024-07-20 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS.This issue a… |
CVE-2025-22643 | Medium | 4.3 | 2025-02-04 | Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… |
CVE-2024-37448 | Medium | 4.3 | 2025-01-02 | Cross-Site Request Forgery (CSRF) vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through… |