Vulnerabilidades en Dream-Theme
9 resultadosCVE-2023-29100HIGHWordPress The7 Theme <= 11.6.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-63076HIGHWordPress The7 Elements plugin <= 2.7.11 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-63074HIGHWordPress The7 theme < 12.8.1.1 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2024-5451MEDIUMThe7 — Website and eCommerce Builder for WordPress <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url AttributeEPSS 0.3%CVE-2026-6646MEDIUMThe7 <= 14.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode 'link' ParameterEPSS 0.3%CVE-2025-7726MEDIUMThe7 <= 12.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via title and data-dt-img-description AttributesEPSS 0.2%CVE-2023-32123MEDIUMWordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-11897MEDIUMThe7 — Ultimate WordPress & WooCommerce Theme <= 12.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'the7_fancy_title_css'EPSS 0.2%CVE-2025-63073MEDIUMWordPress The7 theme < 12.9.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%