cleantalk
Vulnerabilities and Security Researches

Themify Builder, CVE-2024-52423

CVE, Research URL

CVE-2024-52423

Home page URL

Security reports for Themify Builder

Application

Themify Builder

Published on
Nov 18, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themify Themify Builder allows Stored XSS.This issue affects Themify Builder: from n/a through 7.6.3.
Affected versions
Min -, max 7.6.6.
Status
vulnerable
Previous vulnerability researches
Themify Builder (CVE-2024-52423) , Nov 16, 2024
Themify Builder (CVE-2024-9385) , Oct 06, 2024
Themify Builder (CVE-2024-7836) , Aug 22, 2024
Themify Builder (CVE-2024-13319) , Jan 23, 2025
Themify Builder (CVE-2024-3032) , Jun 15, 2024
New vulnerability
Popup for CF7 with Sweet Alert (CVE-2025-48363) , Aug 23, 2025
WPPizza – A Restaurant Plugin (CVE-2025-57894) , Aug 23, 2025
ShortcodeHub – MultiPurpose Shortcode Builder (CVE-2025-7957) , Aug 23, 2025
Simple Login Log (CVE-2025-49438) , Aug 23, 2025
SensorPress (CVE-2025-49409) , Aug 23, 2025