Vulnerabilities in ThemeLooks
13 resultsCVE-2024-9307CRITICALmFolio Lite <= 1.2.1 - Missing Authorization to Authenticated (Author+) File Upload via EXE and SVG FilesEPSS 0.9%CVE-2024-10868MEDIUMEnter Addons – Ultimate Template Builder for Elementor <= 2.1.9 - Authenticated (Contributor+) Post DisclosureEPSS 0.4%CVE-2024-3831MEDIUMEnter Addons – Ultimate Template Builder for Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading widgetEPSS 0.4%CVE-2024-3680MEDIUMEnter Addons – Ultimate Template Builder for Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animation Title widget img tagEPSS 0.4%CVE-2024-56252MEDIUMWordPress Enter Addons plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-31847MEDIUMWordPress mFolio Lite plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-7611MEDIUMEnter Addons – Ultimate Template Builder for Elementor <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Events Card WidgetEPSS 0.3%CVE-2025-60125MEDIUMWordPress FoodBook Plugin <= 4.7.6 - Sensitive Data Exposure VulnerabilityEPSS 0.3%CVE-2024-37263MEDIUMWordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-43225MEDIUMWordPress Enter Addons plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-47625MEDIUMWordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-8687MEDIUMEnter Addons <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown and Image Comparison WidgetsEPSS 0.2%CVE-2026-25014MEDIUMWordPress Enter Addons plugin <= 2.3.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%