CVE-2025-50009
- EPSS 0.05%
- Veröffentlicht 20.06.2025 15:15:26
- Zuletzt bearbeitet 23.06.2025 20:16:40
Missing Authorization vulnerability in Climax Themes Kata Plus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Kata Plus: from n/a through 1.5.3.
CVE-2025-32572
- EPSS 0.1%
- Veröffentlicht 17.04.2025 15:47:26
- Zuletzt bearbeitet 17.04.2025 20:21:05
Deserialization of Untrusted Data vulnerability in Climax Themes Kata Plus allows Object Injection. This issue affects Kata Plus: from n/a through 1.5.2.
CVE-2024-9376
- EPSS 0.08%
- Veröffentlicht 29.10.2024 10:15:04
- Zuletzt bearbeitet 29.10.2024 14:34:04
The Kata Plus – Addons for Elementor – Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.7 due to insufficient input sanitization and out...
CVE-2024-50501
- EPSS 0.06%
- Veröffentlicht 28.10.2024 13:15:07
- Zuletzt bearbeitet 31.10.2024 13:51:19
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Climax Themes Kata Plus allows Stored XSS.This issue affects Kata Plus: from n/a through 1.4.7.