themeum wp_crowdfunding v2.1.6 - 3 CVEs

CVE-2023-41870

Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5.

MEDIUM CVSS 4.3 Published Dec 13, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum WP Crowdfunding allows Stored XSS.This issue affects WP Crowdfunding: from n/a through 2.1.6.

MEDIUM CVSS 6.5 Published Dec 28, 2023

CVE-2023-47532

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themeum WP Crowdfunding plugin <= 2.1.6 versions.

MEDIUM CVSS 5.8 Published Nov 14, 2023

Version 2.1.6

Known Vulnerabilities

CVE-2023-41870

CVE-2023-50859

CVE-2023-47532