cleantalk
Vulnerabilities and Security Researches

IS-theme-companion, CVE-2025-53277

CVE, Research URL

CVE-2025-53277

Home page URL

Security reports for IS-theme-companion

Application

IS-theme-companion

Published on
Jun 27, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Infigo Software IS-theme-companion allows Object Injection. This issue affects IS-theme-companion: from n/a through 1.57.
Affected versions
Min -, max 1.57.
Status
vulnerable
Previous vulnerability researches
YITH Maintenance Mode (CVE-2015-9429) , Jun 06, 2024
YITH Maintenance Mode (CVE-2021-36841) , Jun 06, 2024
YITH Maintenance Mode (CVE-2021-36845) , Jun 06, 2024
New vulnerability
CSV Importer Improved (CVE-2025-50013) , Jul 04, 2025
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more (CVE-2025-53203) , Jul 04, 2025
Infility Global (CVE-2025-52774) , Jul 04, 2025
Additional Order Filters for WooCommerce (CVE-2025-53271) , Jul 04, 2025
Aviation Weather from NOAA (CVE-2025-28980) , Jul 04, 2025