Vulnerabilities > Creativethemes

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-05	CVE-2024-5439	Cross-site Scripting vulnerability in Creativethemes Blocksy The Blocksy theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the custom_url parameter in all versions up to, and including, 2.0.50 due to insufficient input sanitization and output escaping. network low complexity creativethemes CWE-79	5.4
2024-02-08	CVE-2024-24871	Unspecified vulnerability in Creativethemes Blocksy Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative Themes Blocksy allows Stored XSS.This issue affects Blocksy: from n/a through 2.0.19. network low complexity creativethemes	5.4
2023-05-02	CVE-2023-1911	Unspecified vulnerability in Creativethemes Blocksy Companion The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example network low complexity creativethemes	4.3
2023-04-06	CVE-2023-23898	Unspecified vulnerability in Creativethemes Blocksy Companion Auth. network low complexity creativethemes	5.4

Vulnerabilities > Creativethemes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Creativethemes"}]}