Vulnerabilities (CVE)

Filtered by vendor Cozythemes Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-43341 1 Cozythemes 1 Hello Agency 2024-11-13 N/A 9.8 CRITICAL
Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5.
CVE-2024-43980 1 Cozythemes 1 Fotawp 2024-11-08 N/A 9.8 CRITICAL
Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.
CVE-2024-43979 1 Cozythemes 1 Blockbooster 2024-11-08 N/A 9.8 CRITICAL
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.
CVE-2024-43974 1 Cozythemes 1 Revivenews 2024-11-08 N/A 9.8 CRITICAL
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.
CVE-2024-50441 1 Cozythemes 1 Cozy Blocks 2024-11-08 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15.
CVE-2024-50502 1 Cozythemes 1 Cozy Blocks 2024-10-31 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18.