Filtered by vendor Ithemes
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31474 | 1 Ithemes | 1 Backupbuddy | 2024-05-07 | N/A | 7.5 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in iThemes BackupBuddy allows Path Traversal.This issue affects BackupBuddy: from 8.5.8.0 through 8.7.4.1. | |||||
| CVE-2022-4897 | 1 Ithemes | 1 Backupbuddy | 2023-12-10 | N/A | 6.1 MEDIUM |
| The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting | |||||
| CVE-2020-36176 | 1 Ithemes | 1 Ithemes Security | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs. | |||||
| CVE-2020-14092 | 1 Ithemes | 1 Paypal Pro | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. | |||||
| CVE-2015-9368 | 1 Ithemes | 1 Easy Eu Value Added \(vat\) Taxes | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9365 | 1 Ithemes | 1 Authorize.net | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9379 | 1 Ithemes | 1 Builder Style Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9376 | 1 Ithemes | 1 Mobile | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9377 | 1 Ithemes | 1 Builder Theme Depot | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9375 | 1 Ithemes | 1 Table Rate Shipping | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9378 | 1 Ithemes | 1 Builder Theme Market | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9371 | 1 Ithemes | 1 Manual Purchases | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9363 | 1 Ithemes | 1 Exchange | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9369 | 1 Ithemes | 1 Easy Us Sales Taxes | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9370 | 1 Ithemes | 1 Invoices | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9366 | 1 Ithemes | 1 Custom Url Tracking | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9367 | 1 Ithemes | 1 Easy Canadian Sales Taxes | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9374 | 1 Ithemes | 1 Stripe | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9372 | 1 Ithemes | 1 Membership | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2018-12636 | 1 Ithemes | 1 Security | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
| The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. | |||||