Vulnerabilities and security researches forthemify-event-post themify-event-post

Jun 07, 2024

CVE, Research URL: CVE-2024-30440
Home page URL: Security reports for Themify Event Post
Application: Themify Event Post
Date: Mar 29, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Themify Event Post allows Stored XSS.This issue affects Themify Event Post: from n/a through 1.2.7.
Affected versions: Min -, max -.
Status: vulnerable

Apr 03, 2025

CVE, Research URL: CVE-2025-30831
Home page URL: Security reports for Themify Event Post
Application: Themify Event Post
Date: Mar 27, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme Themify Event Post allows PHP Local File Inclusion. This issue affects Themify Event Post: from n/a through 1.3.2.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2025-30832
Home page URL: Security reports for Themify Event Post
Application: Themify Event Post
Date: Mar 27, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Event Post allows DOM-Based XSS. This issue affects Themify Event Post: from n/a through 1.3.2.
Affected versions: Min -, max -.
Status: vulnerable