CVE-2025-50009
- EPSS 0.27%
- Veröffentlicht 20.06.2025 15:15:26
- Zuletzt bearbeitet 23.04.2026 15:31:58
Missing Authorization vulnerability in Climax Themes Kata Plus kata-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2025-32572
- EPSS 0.5%
- Veröffentlicht 17.04.2025 15:47:26
- Zuletzt bearbeitet 23.04.2026 15:29:08
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus kata-plus allows Object Injection.This issue affects Kata Plus: from n/a through <= 1.5.3.
CVE-2024-9376
- EPSS 0.35%
- Veröffentlicht 29.10.2024 10:15:04
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Kata Plus – Addons for Elementor – Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.7 due to insufficient input sanitization and out...
CVE-2024-50501
- EPSS 0.25%
- Veröffentlicht 28.10.2024 13:15:07
- Zuletzt bearbeitet 23.04.2026 15:20:04
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through <= 1.4.7.