Weavertheme Weaver_xtreme_theme_support
4 CVEs affecting Weavertheme Weaver_xtreme_theme_support. Latest disclosed: 2024-06-05. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-4971 | High | 7.2 | 2023-10-16 | The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an imported file, which could lead to PHP object injections issues wh… |
CVE-2024-4939 | Medium | 6.4 | 2024-06-05 | The Weaver Xtreme Theme Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's div shortcode in all versions up to, and inc… |
CVE-2023-6990 | Medium | 5.4 | 2024-01-11 | The Weaver Xtreme theme for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta in all versions up to, and including, 6.3.0 due to insu… |
CVE-2023-0276 | Medium | 5.4 | 2023-04-24 | The Weaver Xtreme Theme Support WordPress plugin before 6.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a pa… |