Kriesi Enfold - Responsive Multi-purpose Theme
4 CVEs affecting Kriesi Enfold - Responsive Multi-purpose Theme. Latest disclosed: 2025-02-25. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-38400 | High | 7.1 | 2023-11-30 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Ref… |
CVE-2024-13695 | Medium | 6.4 | 2025-02-25 | The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. This… |
CVE-2024-5061 | Medium | 6.4 | 2024-08-30 | The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in… |
CVE-2024-13693 | Medium | 5.3 | 2025-02-25 | The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, a… |