Filtered by vendor Ithemes
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7433 | 1 Ithemes | 1 Security | 2024-11-21 | N/A |
| The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page. | ||||
| CVE-2018-12636 | 1 Ithemes | 1 Security | 2024-11-21 | N/A |
| The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. | ||||
| CVE-2015-9379 | 1 Ithemes | 1 Builder Style Manager | 2024-11-21 | N/A |
| iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9378 | 1 Ithemes | 1 Builder Theme Market | 2024-11-21 | N/A |
| iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9377 | 1 Ithemes | 1 Builder Theme Depot | 2024-11-21 | N/A |
| iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9376 | 1 Ithemes | 1 Mobile | 2024-11-21 | N/A |
| iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9375 | 1 Ithemes | 1 Table Rate Shipping | 2024-11-21 | N/A |
| Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9374 | 1 Ithemes | 1 Stripe | 2024-11-21 | N/A |
| Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9372 | 1 Ithemes | 1 Membership | 2024-11-21 | N/A |
| Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9371 | 1 Ithemes | 1 Manual Purchases | 2024-11-21 | N/A |
| Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9370 | 1 Ithemes | 1 Invoices | 2024-11-21 | N/A |
| Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9369 | 1 Ithemes | 1 Easy Us Sales Taxes | 2024-11-21 | N/A |
| Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9368 | 1 Ithemes | 1 Easy Eu Value Added \(vat\) Taxes | 2024-11-21 | N/A |
| Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9367 | 1 Ithemes | 1 Easy Canadian Sales Taxes | 2024-11-21 | N/A |
| Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9366 | 1 Ithemes | 1 Custom Url Tracking | 2024-11-21 | N/A |
| Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9365 | 1 Ithemes | 1 Authorize.net | 2024-11-21 | N/A |
| Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2015-9363 | 1 Ithemes | 1 Exchange | 2024-11-21 | N/A |
| iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | ||||
| CVE-2013-2744 | 2 Ithemes, Wordpress | 2 Backupbuddy, Wordpress | 2024-11-21 | N/A |
| importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function. | ||||
| CVE-2013-2743 | 2 Ithemes, Wordpress | 2 Backupbuddy, Wordpress | 2024-11-21 | N/A |
| importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allows remote attackers to bypass authentication via a crafted integer in the step parameter. | ||||
| CVE-2013-2742 | 2 Ithemes, Wordpress | 2 Backupbuddy, Wordpress | 2024-11-21 | N/A |
| importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not reliably delete itself after completing a restore operation, which makes it easier for remote attackers to obtain access via subsequent requests to this script. | ||||