Everestthemes

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-62992 1Everestthemes 1Everest Backup Apr 23, 2026 Dec 31, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11.
CVE-2024-10028 1Everestthemes 1Everest Backup Nov 8, 2024 Nov 6, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process s...Show more The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site's backup.Show less
CVE-2024-32531 1Everestthemes 1Gucherry Blog Apr 28, 2026 Apr 17, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8.
CVE-2023-7201 1Everestthemes 1Everest Backup May 8, 2025 Apr 15, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The Everest Backup WordPress plugin before 2.2.5 does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be a...Show more The Everest Backup WordPress plugin before 2.2.5 does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)Show less
CVE-2023-52185 1Everestthemes 1Everest Backup Apr 28, 2026 Dec 31, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud B...Show more Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9.Show less
CVE-2023-41237 1Everestthemes 1Arya Multipurpose Theme Nov 21, 2024 Sep 27, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Arya Multipurpose Pro theme <= 1.0.8 versions.
CVE-2023-41235 1Everestthemes 1Everest News Nov 21, 2024 Sep 27, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Everest News Pro theme <= 1.1.7 versions.
CVE-2023-27421 1Everestthemes 1Everest News Nov 21, 2024 Aug 8, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Everest News theme <= 1.1.0 versions.
CVE-2023-27412 1Everestthemes 1Mocho Blog Nov 21, 2024 Aug 8, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Mocho Blog theme <= 1.0.4 versions.
CVE-2023-27420 1Everestthemes 1Arya Multipurpose Nov 21, 2024 Jun 16, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Arya Multipurpose theme <= 1.0.5 versions.
CVE-2023-27419 1Everestthemes 1Viable Blog Nov 21, 2024 May 10, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Viable Blog theme <= 1.1.4 versions.