Apollo13themes

apollo13themes

7 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Apollo13 Framework Extensions

apollo13_framework_extensions

Rife Elementor Extensions & Templates

rife_elementor_extensions_&_templates

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-37480 1Apollo13themes 1Apollo13 Framework Extensions Jun 17, 2026 Jul 21, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS.This issue affects...Show more Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.3.Show less
CVE-2024-5504 1Apollo13themes 1Rife Elementor Extensions & Templates Jun 17, 2026 Jul 2, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute within the plugin's Writing Effect Headline widget in all versions up to, and including,...Show more The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag' attribute within the plugin's Writing Effect Headline widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.Show less
CVE-2024-35708 1Apollo13themes 1Rife Free Jun 17, 2026 Jun 8, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in apollo13themes Rife Free allows Stored XSS.This issue affects Rife Free: from n/a through 2.4.19.
CVE-2024-24880 1Apollo13themes 1Apollo13 Framework Extensions Jun 17, 2026 Feb 8, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.2.Show less
CVE-2023-51539 1Apollo13themes 1Apollo13 Framework Extensions Jun 17, 2026 Jan 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1.
CVE-2023-47190 1Apollo13themes 1Apollo13 Framework Extensions Jun 17, 2026 Nov 8, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Apollo13Themes Apollo13 Framework Extensions plugin <= 1.9.0 versions.
CVE-2021-24265 1Apollo13themes 1Rife Elementor Extensions & Templates Jun 17, 2026 May 5, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The “Rife Elementor Extensions & Templates” WordPress Plugin before 1.1.6 has a widget that is vulnerable to stored Cross-Site Scripting(XSS) by lower-privileged users such as contributors, all via a similar method.