extendthemes

Top products

The 15 most recently published vulnerabilities affecting extendthemes.

• CVE-2026-5427Kubio AI Page Builder <= 2.7.2 - Missing Authorization to Authenticated (Contributor+) Limited File Upload via Kubio Block Attributes5.3Apr 17, 2026
• CVE-2025-62751WordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerability4.3Dec 31, 2025
• CVE-2025-11747Colibri Page Builder <= 1.0.345 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode6.4Dec 19, 2025
• CVE-2025-11376Colibri Page Builder <= 1.0.335 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4Dec 13, 2025
• CVE-2025-59593WordPress Colibri Page Builder Plugin < 1.0.334 - Cross Site Scripting (XSS) Vulnerability5.9Oct 22, 2025
• CVE-2025-9560Colibri Page Builder <= 1.0.334 - Authenticated (Contributor+) Stored Cross-Site Scripting via colibri_newsletter Shortcode6.4Oct 11, 2025
• CVE-2025-8487Kubio AI Page Builder <= 2.6.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation5.4Sep 19, 2025
• CVE-2025-32185WordPress Colibri Page Builder plugin <= 1.0.329 - Cross Site Scripting (XSS) vulnerability6.5Apr 4, 2025
• CVE-2025-2294Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion9.8Mar 28, 2025
• CVE-2024-13516Kubio AI Page Builder <= 2.3.5 - Reflected Cross-Site Scripting6.1Jan 18, 2025
• CVE-2024-37458WordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerability4.3Jan 2, 2025
• CVE-2024-37431WordPress Mesmerize theme <= 1.6.120 - Cross Site Request Forgery (CSRF) vulnerability4.3Jan 2, 2025
• CVE-2024-5020Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library6.4Dec 4, 2024
• CVE-2024-39661WordPress Kubio AI Page Builder plugin <= 2.2.4 - Authenticated Cross Site Scripting (XSS) vulnerability6.5Aug 1, 2024
• CVE-2023-3204Materialis <= 1.1.24 - Missing Authorization to Limited Arbitrary Options Update6.5Jun 20, 2024