Vulnerabilities > Kriesi > Enfold > 5.6.8

DATE CVE VULNERABILITY TITLE RISK
2024-08-30 CVE-2024-5061 Cross-site Scripting vulnerability in Kriesi Enfold
The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping.
network
low complexity
kriesi CWE-79
5.4
5.4
2024-07-22 CVE-2024-37199 Unspecified vulnerability in Kriesi Enfold
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kriesi.At Enfold allows Reflected XSS.This issue affects Enfold: from n/a through 5.6.9.
network
low complexity
kriesi
6.1
6.1