Aggregates CVE and security vulnerability intelligence across all nsthemes-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk cross-site scripting, with potential vendor impact session compromise across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-27422 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes NS Coupon To Become Customer plugin <= 1.2.2 versions. | [email protected] | 5.9 | 0.06% | 2023-08-08 | 2024-11-21 |
| CVE-2023-24381 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes Advanced Social Pixel plugin <= 2.1.1 versions. | [email protected] | 5.9 | 0.30% | 2023-03-20 | 2024-11-21 |
| CVE-2022-0989 | An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain. | [email protected] | 7.5 | 0.27% | 2022-04-11 | 2024-11-21 |