CVE-2025-59001
- EPSS 0.04%
- Veröffentlicht 16.12.2025 08:12:46
- Zuletzt bearbeitet 20.01.2026 15:17:16
Missing Authorization vulnerability in ThemeNectar Salient Core salient-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salient Core: from n/a through <= 3.0.8.
CVE-2024-3812
- EPSS 0.34%
- Veröffentlicht 18.05.2024 06:15:08
- Zuletzt bearbeitet 21.11.2024 09:30:26
The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectar_icon' shortcode 'icon_linea' attribute. This makes it possible for authenticated attackers, with contributor-level...
CVE-2024-3810
- EPSS 0.45%
- Veröffentlicht 18.05.2024 06:15:06
- Zuletzt bearbeitet 21.11.2024 09:30:26
The Salient Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.3 via the 'icon' shortcode 'image' attribute. This makes it possible for authenticated attackers, with contributor-level and a...
CVE-2023-48748
- EPSS 0.19%
- Veröffentlicht 30.11.2023 17:15:12
- Zuletzt bearbeitet 21.11.2024 08:32:22
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme nectar Salient Core allows Reflected XSS.This issue affects Salient Core: from n/a through 2.0.2.
CVE-2023-48749
- EPSS 0.18%
- Veröffentlicht 30.11.2023 17:15:12
- Zuletzt bearbeitet 21.11.2024 08:32:22
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme nectar Salient Core allows Stored XSS.This issue affects Salient Core: from n/a through 2.0.2.