Vulnerabilities > Cozythemes

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-43341 Missing Authorization vulnerability in Cozythemes Hello Agency
Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5.
network
low complexity
cozythemes CWE-862
critical
9.8
2024-11-01 CVE-2024-43974 Missing Authorization vulnerability in Cozythemes Revivenews 1.0.0/1.0.1/1.0.2
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.
network
low complexity
cozythemes CWE-862
critical
9.8
2024-11-01 CVE-2024-43979 Missing Authorization vulnerability in Cozythemes Blockbooster
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.
network
low complexity
cozythemes CWE-862
critical
9.8
2024-11-01 CVE-2024-43980 Missing Authorization vulnerability in Cozythemes Fotawp
Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.
network
low complexity
cozythemes CWE-862
critical
9.8
2024-10-28 CVE-2024-50441 Cross-site Scripting vulnerability in Cozythemes Cozy Blocks
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15.
network
low complexity
cozythemes CWE-79
5.4
2024-10-28 CVE-2024-50502 Cross-site Scripting vulnerability in Cozythemes Cozy Blocks
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18.
network
low complexity
cozythemes CWE-79
5.4