Filtered by vendor Themegoods
Subscribe
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-64224 | 1 Themegoods | 1 Grand Conference | 2026-01-29 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference Theme Custom Post Type grandconference-custom-post allows Reflected XSS.This issue affects Grand Conference Theme Custom Post Type: from n/a through < 2.6.4. | |||||
| CVE-2025-39485 | 1 Themegoods | 1 Grand Tour | 2026-01-28 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour | Travel Agency WordPress allows Object Injection. This issue affects Grand Tour | Travel Agency WordPress: from n/a through 5.5.1. | |||||
| CVE-2025-39354 | 1 Themegoods | 1 Grand Conference | 2026-01-28 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference allows Object Injection.This issue affects Grand Conference: from n/a through 5.2. | |||||
| CVE-2025-60116 | 1 Themegoods | 1 Grand Conference | 2026-01-27 | N/A | 5.4 MEDIUM |
| Missing Authorization vulnerability in ThemeGoods Grand Conference Theme Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Grand Conference Theme Custom Post Type: from n/a through 2.6.3. | |||||
| CVE-2025-64217 | 1 Themegoods | 1 Photography | 2026-01-22 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Photography photography allows Reflected XSS.This issue affects Photography: from n/a through <= 7.7.2. | |||||
| CVE-2025-47584 | 1 Themegoods | 1 Photography | 2026-01-22 | N/A | 8.5 HIGH |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Photography.This issue affects Photography: from n/a through 7.5.2. | |||||
| CVE-2025-47579 | 1 Themegoods | 1 Photography | 2026-01-22 | N/A | 9.0 CRITICAL |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Photography. This issue affects Photography: from n/a through 7.5.2. | |||||
| CVE-2025-39353 | 1 Themegoods | 1 Grand Restaurant | 2026-01-22 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-39352 | 1 Themegoods | 1 Grand Restaurant | 2026-01-22 | N/A | 8.2 HIGH |
| Missing Authorization vulnerability in ThemeGoods Grand Restaurant WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-67922 | 1 Themegoods | 1 Grand Restaurant | 2026-01-22 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through < 7.0.9. | |||||
| CVE-2025-39351 | 1 Themegoods | 1 Grand Restaurant | 2026-01-22 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant WordPress allows Cross Site Request Forgery.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-32926 | 1 Themegoods | 1 Grand Restaurant | 2025-06-09 | N/A | 9.8 CRITICAL |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeGoods Grand Restaurant WordPress allows Path Traversal.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-39348 | 1 Themegoods | 1 Grand Restaurant | 2025-05-29 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant WordPress allows Object Injection.This issue affects Grand Restaurant WordPress: from n/a through 7.0. | |||||
| CVE-2025-32928 | 1 Themegoods | 1 Altair | 2025-05-29 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2. | |||||