WordPress Theme Vulnerabilities

Slug
Published
Title
Slug
nokke
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
nokke
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
nokri
Published
2025-02-28
Title
Nokri < 1.6.3 - Unauthenticated Arbitrary Password Change
Slug
nokri
Published
2025-07-11
Title
Nokri < 1.6.4 - Subscriber+ Privilege Escalation
Slug
nokri
Published
2025-09-22
Title
Nokri <= 1.6.4 - Cross-Site Request Forgery
Slug
noo-jobmonster
Published
2019-10-24
Title
JobMonster < 4.5.2.9 - Unauthenticated Reflected Cross-Site Scripting
Slug
noo-jobmonster
Published
2020-09-21
Title
JobMonster < 4.6.6.1 - Directory Listing in Upload Folder
Slug
noo-jobmonster
Published
2024-07-09
Title
Jobmonster < 4.7.6 - Unauthenticated Privilege Escalation
Slug
noo-jobmonster
Published
2024-07-09
Title
Jobmonster < 4.7.5 - Unauthenticated Arbitrary File Deletion
Slug
noo-jobmonster
Published
2025-07-23
Title
Jobmonster < 4.7.9 - Reflected Cross-Site Scripting
Slug
noo-jobmonster
Published
2025-08-22
Title
Jobmonster < 4.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Slug
noo-jobmonster
Published
2025-08-22
Title
Jobmonster < 4.8.1 - Unauthenticated Sensitive Information Disclosure
Slug
noo-jobmonster
Published
2025-08-21
Title
Jobmonster < 4.8.0 - Authentication Bypass
Slug
noo-jobmonster
Published
2025-10-30
Title
Jobmonster < 4.8.2 - Authentication Bypass
Slug
noo-jobmonster
Published
2025-08-31
Title
Jobmonster < 4.7.9 - Reflected Cross-Site Scripting
Slug
noo-wemusic
Published
2025-08-02
Title
WeMusic < 1.9.2 - Reflected Cross-Site Scripting
Slug
noo-wemusic
Published
2025-08-02
Title
WeMusic < 1.9.2 - Authenticated (Subscriber+) PHP Object Injection
Slug
noo-yogi
Published
2025-08-02
Title
Yogi - Health Beauty & Yoga < 2.9.3 - Authenticated (Subscriber+) PHP Object Injection
Slug
noo-yogi
Published
2025-08-02
Title
Yogi - Health Beauty & Yoga < 2.9.3 - Reflected Cross-Site Scripting
Slug
nothing-personal
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
nova-lite
Published
2020-08-13
Title
Nova Lite < 1.3.9 - Unauthenticated Reflected Cross-Site Scripting (XSS)
Slug
nrgbusiness
Published
2025-05-16
Title
The Business <= 1.6.1 - Missing Authorization
Slug
nrgbusiness
Published
2025-05-19
Title
The Business <= 1.6.1 - Unauthenticated PHP Object Injection
Slug
nrgfashion
Published
2025-05-29
Title
The Fashion - Model Agency One Page Beauty Theme <= 1.4.4 - Unauthenticated PHP Object Injection
Slug
nsc
Published
2023-07-26
Title
nsc theme <= 1.0 - Reflected Cross-Site Scripting