Ux-themes Flatsome
6 CVEs affecting Ux-themes Flatsome. Latest disclosed: 2026-03-13. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28994 | High | 7.1 | 2023-08-23 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin <= 3.16.8 versions. |
CVE-2026-28083 | Medium | 6.5 | 2026-02-26 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UX-themes Flatsome flatsome allows Stored XSS.This issue… |
CVE-2025-8684 | Medium | 6.4 | 2025-09-05 | The Flatsome Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the theme's shortcodes in all versions up to, and including, 3.20.0 due to in… |
CVE-2024-5346 | Medium | 6.4 | 2024-06-22 | The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX Countdown, Video Button, UX Video, UX Slider, UX Sidebar, and UX Payme… |
CVE-2024-5156 | Medium | 6.4 | 2024-06-20 | The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.18.7 due to… |
CVE-2026-31915 | Medium | 5.3 | 2026-03-13 | Missing Authorization vulnerability in UX-themes Flatsome flatsome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects F… |