Favethemes Houzez Theme - Functionality
5 CVEs affecting Favethemes Houzez Theme - Functionality. Latest disclosed: 2026-01-22. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-5793 | High | 8.8 | 2024-07-09 | The Houzez Theme - Functionality plugin for WordPress is vulnerable to SQL Injection via the ‘currency_code’ parameter in all versions up to, and including, 3… |
CVE-2025-62054 | High | 7.5 | 2025-10-22 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez Theme - Functionalit… |
CVE-2025-62057 | High | 7.1 | 2025-11-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-func… |
CVE-2026-24355 | Medium | 6.5 | 2026-01-22 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-func… |
CVE-2025-62058 | Medium | 6.5 | 2025-10-22 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-func… |