4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilities in uxper\",\"url\":\"https://vexday.io/en/vendor/uxper\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":28},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technologies\",\"item\":\"https://vexday.io/en/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"uxper\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/vendors","children":"Technologies"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"uxper"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilities in"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"uxper"}]]}],["$","span",null,{"className":"t","children":["28"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2025-49894",{"className":"item","href":"/en/cve/CVE-2025-49894","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49894"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Nuss Theme <= 1.3.3 - Local File Inclusion Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2025-49892",{"className":"item","href":"/en/cve/CVE-2025-49892","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49892"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Uxper Booking Plugin <= 1.3.3 - Local File Inclusion Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2025-4606",{"className":"item","href":"/en/cve/CVE-2025-4606","children":[["$","span",null,{"className":"cid","children":"CVE-2025-4606"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"Sala - Startup & SaaS WordPress Theme <= 1.1.4 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2025-4797",{"className":"item","href":"/en/cve/CVE-2025-4797","children":[["$","span",null,{"className":"cid","children":"CVE-2025-4797"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"Golo <= 1.7.0 - Authentication Bypass to Account Takeover"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-12876",{"className":"item","href":"/en/cve/CVE-2024-12876","children":[["$","span",null,{"className":"cid","children":"CVE-2024-12876"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"Golo - Directory & Listing, Travel WordPress Theme <= 1.6.10 - Missing Authorization to Privilege Escalation via Unauthenticated Arbitrary User Password Change"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-54709",{"className":"item","href":"/en/cve/CVE-2025-54709","children":[["$","span",null,{"className":"cid","children":"CVE-2025-54709"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Sala Theme <= 1.1.6 - Local File Inclusion Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-13771",{"className":"item","href":"/en/cve/CVE-2024-13771","children":[["$","span",null,{"className":"cid","children":"CVE-2024-13771"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.4 - Authentication Bypass via Password Update"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-54725",{"className":"item","href":"/en/cve/CVE-2025-54725","children":[["$","span",null,{"className":"cid","children":"CVE-2025-54725"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Golo Theme <= 1.7.0 - Broken Authentication Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2026-23975",{"className":"item","href":"/en/cve/CVE-2026-23975","children":[["$","span",null,{"className":"cid","children":"CVE-2026-23975"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Golo theme < 1.7.5 - Local File Inclusion vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-62035",{"className":"item","href":"/en/cve/CVE-2025-62035","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62035"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Togo theme < 1.0.4 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-52826",{"className":"item","href":"/en/cve/CVE-2025-52826","children":[["$","span",null,{"className":"cid","children":"CVE-2025-52826"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Sala theme <= 1.1.3 - PHP Object Injection Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-52827",{"className":"item","href":"/en/cve/CVE-2025-52827","children":[["$","span",null,{"className":"cid","children":"CVE-2025-52827"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Nuss theme <= 1.3.3 - PHP Object Injection Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2026-27051",{"className":"item","href":"/en/cve/CVE-2026-27051","children":[["$","span",null,{"className":"cid","children":"CVE-2026-27051"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Golo theme <= 1.7.0 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-49893",{"className":"item","href":"/en/cve/CVE-2025-49893","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49893"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Nuss Theme <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-49891",{"className":"item","href":"/en/cve/CVE-2025-49891","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49891"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Uxper Booking Plugin <= 1.3.3 - SQL Injection Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-62034",{"className":"item","href":"/en/cve/CVE-2025-62034","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62034"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-62037",{"className":"item","href":"/en/cve/CVE-2025-62037","children":[["$","span",null,{"className":"cid","children":"CVE-2025-62037"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-13772",{"className":"item","href":"/en/cve/CVE-2024-13772","children":[["$","span",null,{"className":"cid","children":"CVE-2024-13772"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Civi - Job Board & Freelance Marketplace WordPress Theme <= 2.1.6.1 - Authentication Bypass"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-52804",{"className":"item","href":"/en/cve/CVE-2025-52804","children":[["$","span",null,{"className":"cid","children":"CVE-2025-52804"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Nuss theme <= 1.3.7.1 - Broken Access Control Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-52803",{"className":"item","href":"/en/cve/CVE-2025-52803","children":[["$","span",null,{"className":"cid","children":"CVE-2025-52803"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Sala theme <= 1.1.3 - Broken Access Control Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","2"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}]]}]