Themify Builder

6 CVEs affecting Themify Builder. Latest disclosed: 2024-12-31. Critical: 0, High: 0.

Top CVEs affecting Themify Builder
CVESeverityScorePublishedSummary
CVE-2024-56216Medium6.52024-12-31Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme Themify Builder themify-buil…
CVE-2024-52423Medium6.52024-11-18Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Builder themify-builder allows Stored X…
CVE-2024-9385Medium6.12024-10-05The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the UR…
CVE-2024-3032Medium6.12024-06-13Themify Builder WordPress plugin before 7.5.8 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue
CVE-2024-7836Medium4.32024-08-22The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to missing checks on the duplicate_page_ajaxify function in all ver…
CVE-2024-24872Medium4.32024-02-21Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects Themify Builder: from n/a through 7.0.5.