Aggregates CVE and security vulnerability intelligence across all olivethemes-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk path handling and vendor risk cross-site scripting; exposure may include vendor impact file overwrite in vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-38749 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2. | [email protected] | 5.3 | 0.80% | 2024-08-13 | 2025-05-27 |
| CVE-2024-32715 | Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | [email protected] | 7.5 | 0.10% | 2024-06-09 | 2026-04-28 |
| CVE-2024-2702 | Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | [email protected] | 8.2 | 0.22% | 2024-03-20 | 2026-04-28 |
| CVE-2023-29102 | Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | [email protected] | 9.1 | 0.22% | 2023-12-20 | 2026-04-28 |