Vulnerabilities > Cozythemes
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-01 | CVE-2024-43341 | Missing Authorization vulnerability in Cozythemes Hello Agency Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5. | 9.8 |
2024-11-01 | CVE-2024-43974 | Missing Authorization vulnerability in Cozythemes Revivenews 1.0.0/1.0.1/1.0.2 Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2. | 9.8 |
2024-11-01 | CVE-2024-43979 | Missing Authorization vulnerability in Cozythemes Blockbooster Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10. | 9.8 |
2024-11-01 | CVE-2024-43980 | Missing Authorization vulnerability in Cozythemes Fotawp Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1. | 9.8 |
2024-10-28 | CVE-2024-50441 | Cross-site Scripting vulnerability in Cozythemes Cozy Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15. | 5.4 |
2024-10-28 | CVE-2024-50502 | Cross-site Scripting vulnerability in Cozythemes Cozy Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18. | 5.4 |