Filtered by vendor Xylusthemes Subscriptions

Search

Switch to Advanced Search (Beta)
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-30201 1 Xylusthemes 1 Wp Smart Import 2026-01-08 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4.
CVE-2025-24700 1 Xylusthemes 1 Wp Event Aggregator 2026-01-08 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Reflected XSS. This issue affects WP Event Aggregator: from n/a through 1.8.2.
CVE-2024-31371 2 Wordpress, Xylusthemes 2 Wordpress, Wp Event Aggregator 2026-01-07 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6.
CVE-2024-32597 1 Xylusthemes 1 Wordpress Importer 2026-01-07 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7.
CVE-2025-48256 1 Xylusthemes 1 Import Social Events 2025-05-29 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a through 1.8.5.
CVE-2022-40209 1 Xylusthemes 1 Wp Smart Import 2024-11-21 6.1 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.
CVE-2020-24147 1 Xylusthemes 1 Wp Smart Import 2024-11-21 9.1 Critical
Server-side request forgery (SSR) vulnerability in the WP Smart Import (wp-smart-import) plugin 1.0.0 for WordPress via the file field.