CVE-2025-50009
- EPSS 0.03%
- Veröffentlicht 20.06.2025 15:15:26
- Zuletzt bearbeitet 15.04.2026 00:35:42
Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2025-32572
- EPSS 0.32%
- Veröffentlicht 17.04.2025 15:47:26
- Zuletzt bearbeitet 15.04.2026 00:35:42
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2024-9376
- EPSS 0.25%
- Veröffentlicht 29.10.2024 10:15:04
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Kata Plus – Addons for Elementor – Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.7 due to insufficient input sanitization and out...
CVE-2024-50501
- EPSS 0.22%
- Veröffentlicht 28.10.2024 13:15:07
- Zuletzt bearbeitet 01.04.2026 16:19:12
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through <= 1.4.7.