Themify Woocommerce Product Filter — known CVE vulnerabilities
Every CVE whose affected-product data names Themify Woocommerce Product Filter, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-1532 — CVSS 6.1 (medium): Themify WordPress plugin before 1.3.8 does not sanitise and escape the page parameter before outputting it back in an attribute in an admin…
CVE-2024-2278 — CVSS 6.1 (medium): Themify WordPress plugin before 1.4.4 does not sanitise and escape some of its Filters settings, which could allow high privilege users…
CVE-2024-44046 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify – WooCommerce…
CVE-2024-2263 — CVSS 4.8 (medium): Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a…
CVE-2024-2262 — CVSS 4.7 (medium): Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users…