Catchplugins Catch Themes Demo Import — known CVE vulnerabilities
Every CVE whose affected-product data names Catchplugins Catch Themes Demo Import, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-39352 — CVSS 7.2 (high): The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the…
CVE-2022-0440 — CVSS 7.2 (high): The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high…
CVE-2021-24752 — CVSS 5.7 (medium): Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any…