Vulnerabilities > Themekraft

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2024-09-14 | CVE-2024-8246 | Unspecified vulnerability in Themekraft Buddyforms | The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. | network, low complexity, themekraft, 8.8 |
| 2024-06-10 | CVE-2024-35726 | Missing Authorization vulnerability in Themekraft Buddypress Woocommerce MY Account Integration. Create Woocommerce Member Pages | Missing Authorization vulnerability in ThemeKraft WooBuddy. This issue affects WooBuddy: from n/a through 3.4.19. | network, low complexity, themekraft, CWE-862, 8.8 |
| 2024-06-05 | CVE-2024-5149 | Use of Insufficiently Random Values vulnerability in Themekraft Buddyforms | The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. | network, low complexity, themekraft, CWE-330, 5.3 |
| 2023-11-06 | CVE-2023-5823 | Cross-Site Request Forgery (CSRF) vulnerability in Themekraft TK Google Fonts Gdpr Compliant | Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <= 2.2.11 versions. | network, low complexity, themekraft, CWE-352, 8.8 |
| 2023-08-25 | CVE-2023-25981 | Cross-site Scripting vulnerability in Themekraft Post Form | Auth. | network, low complexity, themekraft, CWE-79, 5.4 |
| 2023-03-16 | CVE-2022-38971 | Cross-site Scripting vulnerability in Themekraft Post Form Registration Form Profile Form for User Profiles and Content Forms | Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions. | network, low complexity, themekraft, CWE-79, 5.4 |
| 2023-02-23 | CVE-2023-26326 | Deserialization of Untrusted Data vulnerability in Themekraft Buddyforms | The BuddyForms WordPress plugin, in versions prior to 2.7.8, was affected by an unauthenticated insecure deserialization issue. | network, low complexity, themekraft, CWE-502, critical, 9.8 |
| 2019-08-27 | CVE-2018-21003 | SQL Injection vulnerability in Themekraft Buddyforms | The buddyforms plugin before 2.2.8 for WordPress has SQL injection. | network, low complexity, themekraft, CWE-89, 7.5 |