4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilities in favethemes\",\"url\":\"https://vexday.io/en/vendor/favethemes\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":29},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technologies\",\"item\":\"https://vexday.io/en/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"favethemes\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/vendors","children":"Technologies"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"favethemes"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilities in"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"favethemes"}]]}],["$","span",null,{"className":"t","children":["29"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2023-26009",{"className":"item","href":"/en/cve/CVE-2023-26009","children":[["$","span",null,{"className":"cid","children":"CVE-2023-26009"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez Login Register plugin <= 2.6.3 - Privilege Escalation"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"2.7%"}]]}],false]}]]}],["$","$La","CVE-2023-26540",{"className":"item","href":"/en/cve/CVE-2023-26540","children":[["$","span",null,{"className":"cid","children":"CVE-2023-26540"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez theme <= 2.7.1 - Privilege Escalation"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"2.7%"}]]}],false]}]]}],["$","$La","CVE-2023-29432",{"className":"item","href":"/en/cve/CVE-2023-29432","children":[["$","span",null,{"className":"cid","children":"CVE-2023-29432"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez Theme < 2.8.3 is vulnerable to SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2023-36529",{"className":"item","href":"/en/cve/CVE-2023-36529","children":[["$","span",null,{"className":"cid","children":"CVE-2023-36529"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez CRM Plugin <= 1.3.4 is vulnerable to SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2025-53198",{"className":"item","href":"/en/cve/CVE-2025-53198","children":[["$","span",null,{"className":"cid","children":"CVE-2025-53198"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez theme <= 4.0.4 - Local File Inclusion Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-5793",{"className":"item","href":"/en/cve/CVE-2024-5793","children":[["$","span",null,{"className":"cid","children":"CVE-2024-5793"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Houzez Theme - Functionality <= 3.2.2 - Authenticated (Seller+) SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-22303",{"className":"item","href":"/en/cve/CVE-2024-22303","children":[["$","span",null,{"className":"cid","children":"CVE-2024-22303"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez theme <= 3.2.4 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-21743",{"className":"item","href":"/en/cve/CVE-2024-21743","children":[["$","span",null,{"className":"cid","children":"CVE-2024-21743"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez Login Register plugin <= 3.2.5 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-51888",{"className":"item","href":"/en/cve/CVE-2024-51888","children":[["$","span",null,{"className":"cid","children":"CVE-2024-51888"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Homey Login Register Plugin <= 2.4.0 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-49952",{"className":"item","href":"/en/cve/CVE-2025-49952","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49952"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez theme <= 4.2.5 - Insecure Direct Object References (IDOR) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-49407",{"className":"item","href":"/en/cve/CVE-2025-49407","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49407"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez Theme <= 4.1.1 - Cross Site Scripting (XSS) Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-62054",{"className":"item","href":"/en/cve/CVE-2025-62054","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62054"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez Theme - Functionality plugin <= 4.1.8 - Local File Inclusion vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-51800",{"className":"item","href":"/en/cve/CVE-2024-51800","children":[["$","span",null,{"className":"cid","children":"CVE-2024-51800"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Homey theme <= 2.4.1 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-62053",{"className":"item","href":"/en/cve/CVE-2025-62053","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62053"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez theme < 4.2.0 - Local File Inclusion vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-49406",{"className":"item","href":"/en/cve/CVE-2025-49406","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49406"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez Theme <= 4.1.1 - Broken Access Control Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-67965",{"className":"item","href":"/en/cve/CVE-2025-67965","children":[["$","span",null,{"className":"cid","children":"CVE-2025-67965"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Homey Core plugin <= 2.4.3 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-52834",{"className":"item","href":"/en/cve/CVE-2025-52834","children":[["$","span",null,{"className":"cid","children":"CVE-2025-52834"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Homey theme <= 2.4.7 - SQL Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-67964",{"className":"item","href":"/en/cve/CVE-2025-67964","children":[["$","span",null,{"className":"cid","children":"CVE-2025-67964"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Homey Core plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-43244",{"className":"item","href":"/en/cve/CVE-2024-43244","children":[["$","span",null,{"className":"cid","children":"CVE-2024-43244"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress houzez Theme By FaveThemes <= 3.2.4 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-24747",{"className":"item","href":"/en/cve/CVE-2025-24747","children":[["$","span",null,{"className":"cid","children":"CVE-2025-24747"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","2"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}]]}]