Vulnerabilities > Apusthemes

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-21	CVE-2023-0453	Unspecified vulnerability in Apusthemes WP Private Messaging The WP Private Message WordPress plugin (bundled with the Superio theme as a required plugin) before 1.0.6 does not ensure that private messages to be accessed belong to the user making the requests. network low complexity apusthemes	4.3
2023-01-02	CVE-2022-4114	Unspecified vulnerability in Apusthemes Superio The Superio WordPress theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Cross-Site Scripting attacks. network low complexity apusthemes	5.4
2022-04-04	CVE-2022-1167	Cross-site Scripting vulnerability in Apusthemes Careerup There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1, via the filter parameters. network low complexity apusthemes CWE-79	6.1

Vulnerabilities > Apusthemes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Apusthemes"}]}