Vulnerabilities > Themekraft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-14 | CVE-2024-8246 | Unspecified vulnerability in Themekraft Buddyforms The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. | 8.8 |
| 2024-06-10 | CVE-2024-35726 | Unspecified vulnerability in Themekraft Buddypress Woocommerce MY Account Integration. Create Woocommerce Member Pages Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19. | 8.8 |
| 2024-03-07 | CVE-2024-1169 | Unspecified vulnerability in Themekraft Post Form The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyforms_upload_handle_dropped_media function in all versions up to, and including, 2.8.7. | 7.5 |
| 2024-03-07 | CVE-2024-1170 | Unspecified vulnerability in Themekraft Post Form The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handle_deleted_media function in all versions up to, and including, 2.8.7. | 8.2 |
| 2023-11-06 | CVE-2023-5823 | Unspecified vulnerability in Themekraft TK Google Fonts Gdpr Compliant 2.2.11 Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <= 2.2.11 versions. | 8.8 |