← Back

The7

the7

Vendor: Dream Theme • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-32123
1Dream Theme
1The7
Jun 17, 2026
Nov 13, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Dream-Theme The7 allows Stored XSS.This issue affects The7: from n/a through 11.7.3.
CVE-2023-29100
1Dream Theme
1The7
Jun 17, 2026
Jun 23, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions.