Every CVE whose affected-product data names 2code Himer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-2232 — CVSS 8.1 (high): The lacks CSRF checks allowing a user to invite any user to any group (including private groups)
CVE-2024-2231 — CVSS 6.5 (medium): The allows any authenticated user to join a private group due to a missing authorization check on a function
CVE-2024-2234 — CVSS 5.4 (medium): The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings, which could allow high privilege users such…
CVE-2024-2040 — CVSS 4.3 (medium): The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private…
CVE-2024-2233 — CVSS 4.3 (medium): The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users…
CVE-2024-2235 — CVSS 4.3 (medium): The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users vote on any…