Vulnerabilidades en ThemeMakers
9 resultadosCVE-2025-1282HIGHCar Dealer Automotive WordPress Theme – Responsive <= 1.6.3 - Authenticated (Subscriber+) Arbitrary File Deletion and ReadEPSS 1.0%CVE-2025-1682HIGHCardealer <= 1.6.4 - Arbitrary Theme Option Update to Authenticated (Subscriber+) Privilege EscalationEPSS 0.5%CVE-2025-39480CRITICALWordPress Car Dealer theme < 1.6.8 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-53299CRITICALWordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-1681MEDIUMCardealer <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Change and Delete JS and CSS FilesEPSS 0.3%CVE-2025-1690MEDIUMThemeMakers Stripe Checkout <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%CVE-2025-1689MEDIUMThemeMakers PayPal Express Checkout <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%CVE-2025-1687HIGHCardealer <= 1.6.4 - Cross-Site Request Forgery to User Update via update_user_profileEPSS 0.3%CVE-2026-24391HIGHWordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%