4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilidades em creativethemeshq\",\"url\":\"https://vexday.io/pt/vendor/creativethemeshq\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":21},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Início\",\"item\":\"https://vexday.io/pt\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tecnologias\",\"item\":\"https://vexday.io/pt/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"creativethemeshq\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/pt","children":"Início"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/pt/vendors","children":"Tecnologias"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"creativethemeshq"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilidades em"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"creativethemeshq"}]]}],["$","span",null,{"className":"t","children":["21"," ","resultados"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2026-8365",{"className":"item","href":"/pt/cve/CVE-2026-8365","children":[["$","span",null,{"className":"cid","children":"CVE-2026-8365"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.1.41 - Authenticated (Contributor+) PHP Object Injection via Deserialization of Untrusted Data via 'blocksy_meta' REST API Field"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.8%"}]]}],false]}]]}],["$","$La","CVE-2025-12846",{"className":"item","href":"/pt/cve/CVE-2025-12846","children":[["$","span",null,{"className":"cid","children":"CVE-2025-12846"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Blocksy Companion <= 2.1.19 - Authenticated (Author+) Arbitrary File Upload via SVG Upload Bypass"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2024-4487",{"className":"item","href":"/pt/cve/CVE-2024-4487","children":[["$","span",null,{"className":"cid","children":"CVE-2024-4487"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy Companion <= 2.0.45 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG Uploads"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2022-4974",{"className":"item","href":"/pt/cve/CVE-2022-4974","children":[["$","span",null,{"className":"cid","children":"CVE-2022-4974"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Freemius SDK <= 2.4.2 - Missing Authorization Checks"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-3747",{"className":"item","href":"/pt/cve/CVE-2024-3747","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3747"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.0.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via About Me block"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-47465",{"className":"item","href":"/pt/cve/CVE-2025-47465","children":[["$","span",null,{"className":"cid","children":"CVE-2025-47465"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Blocksy theme <= 2.0.97 - Broken Access Control Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-2392",{"className":"item","href":"/pt/cve/CVE-2024-2392","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2392"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy Companion <= 2.0.31 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-4158",{"className":"item","href":"/pt/cve/CVE-2024-4158","children":[["$","span",null,{"className":"cid","children":"CVE-2024-4158"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.0.42 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-32961",{"className":"item","href":"/pt/cve/CVE-2024-32961","children":[["$","span",null,{"className":"cid","children":"CVE-2024-32961"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Blocksy theme <= 2.0.33 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-1767",{"className":"item","href":"/pt/cve/CVE-2024-1767","children":[["$","span",null,{"className":"cid","children":"CVE-2024-1767"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.0.26 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-24871",{"className":"item","href":"/pt/cve/CVE-2024-24871","children":[["$","span",null,{"className":"cid","children":"CVE-2024-24871"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Blocksy theme <= 2.0.19 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-5439",{"className":"item","href":"/pt/cve/CVE-2024-5439","children":[["$","span",null,{"className":"cid","children":"CVE-2024-5439"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.0.50 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-4943",{"className":"item","href":"/pt/cve/CVE-2024-4943","children":[["$","span",null,{"className":"cid","children":"CVE-2024-4943"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.0.46 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-11420",{"className":"item","href":"/pt/cve/CVE-2024-11420","children":[["$","span",null,{"className":"cid","children":"CVE-2024-11420"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.0.77 - Authenticated (Contributor+) Stored Cross-Site Scripting"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-9565",{"className":"item","href":"/pt/cve/CVE-2025-9565","children":[["$","span",null,{"className":"cid","children":"CVE-2025-9565"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy Companion <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via blocksy_newsletter_subscribe Shortcode"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2024-31382",{"className":"item","href":"/pt/cve/CVE-2024-31382","children":[["$","span",null,{"className":"cid","children":"CVE-2024-31382"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Blocksy theme <= 2.0.22 - Cross Site Request Forgery (CSRF) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-12430",{"className":"item","href":"/pt/cve/CVE-2026-12430","children":[["$","span",null,{"className":"cid","children":"CVE-2026-12430"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy Companion <= 2.1.45 - Authenticated (Editor+) Stored Cross-Site Scripting via 'product_description' Parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-2583",{"className":"item","href":"/pt/cve/CVE-2026-2583","children":[["$","span",null,{"className":"cid","children":"CVE-2026-2583"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Blocksy <= 2.1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via `blocksy_meta` Fields"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2024-37469",{"className":"item","href":"/pt/cve/CVE-2024-37469","children":[["$","span",null,{"className":"cid","children":"CVE-2024-37469"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Blocksy theme <= 1.9.5 - Cross Site Request Forgery (CSRF) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2025-55713",{"className":"item","href":"/pt/cve/CVE-2025-55713","children":[["$","span",null,{"className":"cid","children":"CVE-2025-55713"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Blocksy Theme <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← anterior"}],["$","span",null,{"className":"pgnum","children":["página"," ","1"," / ","2"]}],["$","$La",null,{"href":"?page=2","children":"próxima →"}]]}]]}]