Orbit fox
This hub aggregates every CVE we track for Orbit fox, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
15
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM15
Monthly trend
0
1
0
0
0
0
2
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Orbit fox.
- CVE-2025-22659WordPress Orbit Fox by ThemeIsle plugin <= 2.10.44 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-13183Orbit Fox by ThemeIsle <= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag Parameter6.4
- CVE-2025-0311Orbit Fox by ThemeIsle <= 2.10.43 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget6.4
- CVE-2024-7778Orbit Fox by ThemeIsle <= 2.10.36 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload6.4
- CVE-2024-2484Orbit Fox by ThemeIsle <= 2.10.34 - Authenticated (Contributor+) Stored Cross-Site Scripting via Services and Post Type Grid Widgets6.4
- CVE-2024-1499Orbit Fox by ThemeIsle <= 2.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-1497Orbit Fox by ThemeIsle <= 2.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via form widget addr2_width attribute6.4
- CVE-2024-2126Orbit Fox by ThemeIsle <= 2.10.32 - Authenticated (Contributor+) Stored Cross-Site Scripiting via Registration Form Widget6.4
- CVE-2024-1323Orbit Fox by ThemeIsle <= 2.10.30 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-0508Orbit Fox by ThemeIsle <= 2.10.27 - Authenticated(Contributor+) Stored Cross-site Scripting via Pricing Table Elementor Widget6.4
- CVE-2024-1162Orbit Fox by ThemeIsle <= 2.10.29 - Cross-Site Request Forgery4.3
- CVE-2024-1047ThemeIsle SDK <= Various Versions - Missing Authorization5.3
- CVE-2023-6781Orbit Fox Companion <= 2.10.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via custom fields6.4
- CVE-2021-24157Orbit Fox by ThemeIsle < 2.10.3 - Authenticated Stored Cross Site Scripting5.4
- CVE-2021-24158Orbit Fox by ThemeIsle < 2.10.3 - Authenticated Privilege Escalation6.5
Product normalization is registry-driven with AI assist and human review. How it works