Aggregates CVE and security vulnerability intelligence across all select-themes-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact file overwrite and vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-34554 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm Core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through 2.4.1. | [email protected] | 8.5 | 0.51% | 2024-06-04 | 2024-11-21 |
| CVE-2024-34552 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6. | [email protected] | 8.5 | 0.51% | 2024-06-04 | 2024-11-21 |
| CVE-2024-34551 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6. | [email protected] | 9.0 | 0.54% | 2024-06-04 | 2024-11-21 |
| CVE-2024-34553 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Select-Themes Stockholm Core allows Reflected XSS.This issue affects Stockholm Core: from n/a through 2.4.1. | [email protected] | 7.1 | 0.31% | 2024-05-08 | 2026-04-28 |