Every CVE whose affected-product data names Boostifythemes Goto, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-24314 — CVSS 9.8 (critical): The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it…
CVE-2021-24235 — CVSS 6.1 (medium): The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an…
CVE-2021-24297 — CVSS 6.1 (medium): The Goto WordPress theme before 2.1 did not properly sanitize the formvalue JSON POST parameter in its tl_filter AJAX action, leading to an…