WordPress Theme Vulnerabilities

Slug
Published
Title
Slug
freesia-empire
Published
2024-04-30
Title
Freesia Empire < 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Slug
freshio
Published
2026-01-01
Title
Freshio <= 2.4.2 - Authenticated (Contributor+) Local File Inclusion
Slug
fribbo
Published
2025-08-23
Title
Fribbo <= 1.1.0 - Unauthenticated Local File Inclusion
Slug
fruitful
Published
2020-02-17
Title
Fruitful Theme < 3.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
Slug
fruitful
Published
2020-03-13
Title
Fruitful < 3.8.2 - Authenticated Stored XSS & Theme Options Deletion
Slug
fude
Published
2025-01-06
Title
Multiple Themes by gavias - Reflected XSS
Slug
full-frame
Published
2024-09-30
Title
Full frame < 2.7.3 - Authenticated (Author+) Stored Cross-Site Scripting
Slug
fullbase
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
furnob
Published
2023-12-07
Title
Multiple Themes by KlbTheme - Cross-Site Request Forgery
Slug
fusion
Published
2015-02-11
Title
WordPress Slider Revolution - Local File Disclosure
Slug
fusion
Published
2014-11-30
Title
WordPress Slider Revolution Shell Upload
Slug
fusion-builder
Published
2023-08-10
Title
Fusion Builder < 3.11.2 - Subscriber+ SQL injection and broken access control vulnerability in Critical CSS
Slug
fusion-builder
Published
2024-03-01
Title
Avada < 7.11.6 - Authenticated(Contributor+) Sensitive Information Exposure via Form Entries
Slug
fwdevp
Published
2025-07-07
Title
Easy Video Player Wordpress & WooCommerce <= 10.0 - Unauthenticated Arbitrary File Download