Themeum Wp Crowdfunding — known CVE vulnerabilities
Every CVE whose affected-product data names Themeum Wp Crowdfunding, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2023-50859 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored…
CVE-2024-10117 — CVSS 6.4 (medium): The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcf_donate shortcode in all…
CVE-2024-43937 — CVSS 6.4 (medium): Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2024-11910 — CVSS 6.4 (medium): The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp-crowdfunding/search block in all versions…
CVE-2023-6161 — CVSS 6.1 (medium): The WP Crowdfunding WordPress plugin before 2.1.9 does not sanitise and escape a parameter before outputting it back in the page, leading…
CVE-2025-1508 — CVSS 5.3 (medium): The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2023-6163 — CVSS 4.8 (medium): The WP Crowdfunding WordPress plugin before 2.1.10 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2023-5757 — CVSS 4.8 (medium): The WP Crowdfunding WordPress plugin before 2.1.8 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2024-11911 — CVSS 4.3 (medium): The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the…
CVE-2023-41870 — CVSS 4.3 (medium): Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This…