ithemes 漏洞與 CVE 列表(25)

產品(CPE): — CVE 數: 25

ithemes 漏洞概覽

彙總 ithemes 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

常見弱點模式包括 跨站腳本、SQL 注入與路徑處理缺陷,在 軟體部署與生產負載 使用場景中可能帶來 工作階段劫持、資料外洩與檔案覆寫 等風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 12025 CVE 數
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2022-31474 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in iThemes BackupBuddy allows Path Traversal.This issue affects BackupBuddy: from 8.5.8.0 through 8.7.4.1. [email protected] 7.5 63.76% 2023-03-13 2026-06-17
CVE-2022-4897 The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting [email protected] 6.1 0.86% 2023-02-21 2026-06-17
CVE-2020-36176 The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs. [email protected] 7.5 1.29% 2021-01-06 2026-06-16
CVE-2020-14092 The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. [email protected] 9.8 94.53% 2020-07-02 2026-06-16
CVE-2015-9379 iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9378 iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9377 iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9376 iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9375 Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9374 Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9372 Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9371 Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9370 Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9369 Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9368 Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9367 Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9366 Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9365 Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2015-9363 iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). [email protected] 6.1 0.95% 2019-08-28 2026-06-16
CVE-2018-12636 The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. [email protected] 7.2 30.12% 2018-06-22 2026-06-16
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence