Vulnerabilities in Xylus Themes
11 resultsCVE-2025-47531HIGHWordPress XT Event Widget for Social Events plugin <= 1.1.7 - Local File Inclusion VulnerabilityEPSS 0.5%CVE-2025-47453HIGHWordPress WP Smart Import plugin <= 1.1.3 - Local File Inclusion VulnerabilityEPSS 0.5%CVE-2022-40209MEDIUMWP Smart Import plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-30201HIGHWordPress WP Smart Import plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-32597MEDIUMWordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-47352HIGHWordPress WP Bulk Delete plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-38703MEDIUMWordPress WP Event Aggregator plugin <= 1.7.9 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2025-24700HIGHWordPress WP Event Aggregator Plugin <= 1.8.2 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-48256MEDIUMWordPress Import Social Events plugin <= 1.8.5 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%CVE-2024-31371MEDIUMWordPress WP Event Aggregator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-58192MEDIUMWordPress WP Bulk Delete Plugin <= 1.3.6 - Broken Access Control VulnerabilityEPSS 0.2%