laborator

Top products

The 13 most recently published vulnerabilities affecting laborator.

• CVE-2025-12886Oxygen <= 6.0.8 - Unauthenticated Server-Side Request Forgery via route_path7.2Mar 28, 2026
• CVE-2025-69299WordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerability7.2Feb 20, 2026
• CVE-2025-12895Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request5.3Jan 15, 2026
• CVE-2025-53349WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability7.1Nov 6, 2025
• CVE-2025-49926WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability7.2Oct 22, 2025
• CVE-2025-53348WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability5.3Sep 9, 2025
• CVE-2025-53347WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability4.3Aug 14, 2025
• CVE-2024-12781Aurum - WordPress & WooCommerce Shopping Theme <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Demo Content Import4.3Jan 7, 2025
• CVE-2020-24075Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.6.1Aug 11, 2023
• CVE-2020-23576Laborator Neon dashboard v3 is affected by stored Cross Site Scripting (XSS) via the chat tab.5.4Aug 27, 2020
• CVE-2020-14010The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via the data/typeahead-generate.php q (aka name) parameter.6.1Jun 10, 2020
• CVE-2020-13890The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard.5.4Jun 6, 2020
• CVE-2019-20141An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.6.1Dec 30, 2019