Vulnerabilities (CVE)

Filtered by vendor Theme4press Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-3852 2 Theme4press, Wordpress 2 Evolve, Wordpress 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the EvoLve theme before 1.2.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2024-37206 1 Theme4press 1 Demo Awesome 2024-07-25 N/A 6.1 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme4Press Demo Awesome allows Reflected XSS.This issue affects Demo Awesome: from n/a through 1.0.1.