Vulnerabilities in Themesflat
16 resultsCVE-2023-37390HIGHWordPress Themesflat Addons For Elementor Plugin <= 2.0.0 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2025-59007CRITICALWordPress TF Woo Product Grid Addon For Elementor Plugin <= 1.0.1 - Deserialization of untrusted data VulnerabilityEPSS 0.4%CVE-2024-8516MEDIUMThemesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Information ExposureEPSS 0.4%CVE-2024-8515MEDIUMThemesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-4212MEDIUMThemesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Multiple WidgetsEPSS 0.4%CVE-2025-69382CRITICALWordPress Themesflat Elementor plugin <= 1.0.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-4458MEDIUMThemesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via URLsEPSS 0.3%CVE-2024-4459MEDIUMThemesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget TitlesEPSS 0.3%CVE-2024-2922MEDIUMThemesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget TagsEPSS 0.3%CVE-2024-53796MEDIUMWordPress Themesflat Addons For Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-12205MEDIUMThemesflat Addons For Elementor <= 2.2.4 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-3275MEDIUMThemesflat Addons For Elementor <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-49310MEDIUMWordPress Themesflat Addons For Elementor plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-35666MEDIUMWordPress Themesflat Addons For Elementor plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-31567MEDIUMWordPress Themesflat Addons For Elementor plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-39500MEDIUMWordPress themesflat-addons-for-elementor plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%