Vulnerabilities > Uxper

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2024-13771 Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
uxper CWE-288
5.9
2025-03-14 CVE-2024-13772 Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4.
network
high complexity
uxper CWE-288
5.9
2025-03-14 CVE-2024-13773 Use of Hard-coded Cryptographic Key vulnerability in Uxper Civi
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4 via hard-coded credentials.
network
low complexity
uxper CWE-321
7.5
2025-03-07 CVE-2024-12876 Missing Authorization vulnerability in Uxper Golo
The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.10.
network
low complexity
uxper CWE-862
critical
9.8
2021-05-12 CVE-2020-23790 Unrestricted Upload of File with Dangerous Type vulnerability in Uxper Golo 1.1.5
An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5.
network
low complexity
uxper CWE-434
critical
9.8