Filtered by vendor Purethemes
Subscriptions
Filtered by product Listeo
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24318 | 1 Purethemes | 1 Listeo | 2024-08-03 | 6.5 Medium |
| The Listeo WordPress theme before 1.6.11 did not ensure that the Post/Page and Booking to delete belong to the user making the request, allowing any authenticated users to delete arbitrary page/post and booking via an IDOR vector. | ||||
| CVE-2021-24317 | 1 Purethemes | 1 Listeo | 2024-08-03 | 6.1 Medium |
| The Listeo WordPress theme before 1.6.11 did not properly sanitise some parameters in its Search, Booking Confirmation and Personal Message pages, leading to Cross-Site Scripting issues | ||||
Page 1 of 1.