Vulnerabilities > Apollo13Themes

DATE CVE VULNERABILITY TITLE RISK
2024-07-21 CVE-2024-37480 Unspecified vulnerability in Apollo13Themes Apollo13 Framework Extensions
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.3.
network
low complexity
apollo13themes
5.4
5.4
2024-07-02 CVE-2024-5504 Cross-site Scripting vulnerability in Apollo13Themes Rife Elementor Extensions & Templates
The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute within the plugin's Writing Effect Headline widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
apollo13themes CWE-79
5.4
5.4
2024-06-08 CVE-2024-35708 Cross-site Scripting vulnerability in Apollo13Themes Rife Free
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in apollo13themes Rife Free allows Stored XSS.This issue affects Rife Free: from n/a through 2.4.19.
network
low complexity
apollo13themes CWE-79
5.4
5.4
2024-02-08 CVE-2024-24880 Unspecified vulnerability in Apollo13Themes Apollo13 Framework Extensions
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.2.
network
low complexity
apollo13themes
5.4
5.4
2024-01-05 CVE-2023-51539 Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Apollo13 Framework Extensions
Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1.
network
low complexity
apollo13themes CWE-352
8.8
8.8
2023-11-08 CVE-2023-47190 Unspecified vulnerability in Apollo13Themes Apollo13 Framework Extensions
Auth.
network
low complexity
apollo13themes
5.4
5.4
2021-05-05 CVE-2021-24265 Cross-site Scripting vulnerability in Apollo13Themes Rife Elementor Extensions & Templates
The “Rife Elementor Extensions & Templates” WordPress Plugin before 1.1.6 has a widget that is vulnerable to stored Cross-Site Scripting(XSS) by lower-privileged users such as contributors, all via a similar method.
network
low complexity
apollo13themes CWE-79
5.4
5.4