Search criteria
12 vulnerabilities found for addons by themerex
FKIE_CVE-2025-6997
Vulnerability from fkie_nvd - Published: 2025-07-19 09:15 - Updated: 2025-08-11 19:13
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin’s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated 'svg' parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL’s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "6A35D065-3D17-46D6-AC1F-59E85F88470D",
"versionEndExcluding": "2.35.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin\u2019s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated \u0027svg\u0027 parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL\u2019s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
},
{
"lang": "es",
"value": "El complemento ThemeREX Addons para WordPress es vulnerable a Cross-Site Scripting (XSS) Almacenado al subir archivos SVG en todas las versiones hasta la 2.35.1.1 incluida, debido a una depuraci\u00f3n de entrada insuficiente y un escape de salida insuficiente. La rutina de renderizado SVG del complemento llama a la funci\u00f3n trx_addons_get_svg_from_file() con un par\u00e1metro \u0027svg\u0027 no validado, proporcionado mediante el shortcode o la configuraci\u00f3n del widget de Elementor, y luego lo genera mediante la funci\u00f3n trx_addons_show_layout(). Dado que no se verifica el origen, el esquema ni el contenido SVG de la URL, los atacantes autenticados con acceso de colaborador o superior pueden proporcionar un SVG remoto e inyectar scripts web arbitrarios en las p\u00e1ginas que se ejecutar\u00e1n al acceder al archivo SVG."
}
],
"id": "CVE-2025-6997",
"lastModified": "2025-08-11T19:13:21.383",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"source": "security@wordfence.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-19T09:15:23.477",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://themerex.net/wp/download_plugins/themerex-addons/"
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e1b19017-b2f0-4c3b-b263-1fbec6f1dce4?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@wordfence.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-13448
Vulnerability from fkie_nvd - Published: 2025-01-28 07:15 - Updated: 2025-01-30 18:01
Severity ?
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "82B2408F-6C71-4B96-BB7C-14425C2F5310",
"versionEndExcluding": "2.34.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the \u0027trx_addons_uploads_save_data\u0027 function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento ThemeREX Addons para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n \u0027trx_addons_uploads_save_data\u0027 en todas las versiones hasta la 2.32.3 y incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2024-13448",
"lastModified": "2025-01-30T18:01:07.080",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@wordfence.com",
"type": "Secondary"
}
]
},
"published": "2025-01-28T07:15:06.967",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687"
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c1372bd-821d-439c-9b11-dfa5f08dd0dd?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "security@wordfence.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-0682
Vulnerability from fkie_nvd - Published: 2025-01-25 06:15 - Updated: 2025-08-08 02:08
Severity ?
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "82B2408F-6C71-4B96-BB7C-14425C2F5310",
"versionEndExcluding": "2.34.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the \u0027trx_sc_reviews\u0027 shortcode \u0027type\u0027 attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included."
},
{
"lang": "es",
"value": "El complemento ThemeREX Addons para WordPress es vulnerable a la inclusi\u00f3n de archivos locales en todas las versiones hasta la 2.33.0 y incluida, a trav\u00e9s del atributo \u0027type\u0027 del c\u00f3digo corto \u0027trx_sc_reviews\u0027. Esto permite que atacantes autenticados, con permisos de nivel de colaborador y superiores, incluyan y ejecuten archivos arbitrarios en el servidor, lo que permite la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos. Esto se puede utilizar para eludir los controles de acceso, obtener datos confidenciales o lograr la ejecuci\u00f3n de c\u00f3digo en casos en los que se pueda cargar e incluir el tipo de archivo php."
}
],
"id": "CVE-2025-0682",
"lastModified": "2025-08-08T02:08:56.800",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@wordfence.com",
"type": "Secondary"
}
]
},
"published": "2025-01-25T06:15:28.740",
"references": [
{
"source": "security@wordfence.com",
"tags": [
"Product"
],
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687"
},
{
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/15a9718f-f877-4e33-8f7a-950791c4ca85?source=cve"
}
],
"sourceIdentifier": "security@wordfence.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-98"
}
],
"source": "security@wordfence.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2020-10257
Vulnerability from fkie_nvd - Published: 2020-03-10 00:15 - Updated: 2024-11-21 04:55
Severity ?
Summary
The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/ | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.70.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "415D8A2D-344D-4A75-A834-C6C4C68ACF47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:ozeum-museum:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "76F58E84-8810-4221-BC84-5B152A53529D",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.70.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "415D8A2D-344D-4A75-A834-C6C4C68ACF47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:chit_club-board_games:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B9A00971-2A40-476B-BB49-4D0FA36DE6CA",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.67:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0F2EF7DE-F1C2-4245-A5EF-7BBD702B76F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:yottis-simple_portfolio:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7AF13B64-D55F-4D02-9D77-95CF994AE995",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.66:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "3661314B-3DD1-495E-9EDC-3A01725A06E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:helion-agency_\\\u0026portfolio:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "EE4A6B17-FB56-4BCB-A725-B8BD0A1031A2",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.66:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "3661314B-3DD1-495E-9EDC-3A01725A06E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:amuli:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "CC9A01E6-7BFB-4FC7-B3AA-CC812DBEC186",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.65:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F96C11A5-9A64-4F0D-A9B8-308C4A06B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:nelson-barbershop_\\+_tattoo_salon:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "3A335E4B-84C4-4FC7-BD47-6D939ED5782C",
"versionEndExcluding": "1.0.1.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.65:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F96C11A5-9A64-4F0D-A9B8-308C4A06B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:hallelujah-church:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7700EC98-EB55-420A-B194-B394C5479827",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.65:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F96C11A5-9A64-4F0D-A9B8-308C4A06B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:right_way:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "150D52DF-FE9F-46CC-AA67-D0F9F9D27593",
"versionEndExcluding": "4.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.65:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F96C11A5-9A64-4F0D-A9B8-308C4A06B997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:prider-pride_fest:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "79D33A86-DB23-4903-B241-8A42D290C9DF",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.62.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7ECD4BD2-C6E4-4B61-B4D1-ABB96C151153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:mystik-esoterics:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "3AA23F39-84FE-43DE-80BF-9A0F5A13E630",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.62.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7ECD4BD2-C6E4-4B61-B4D1-ABB96C151153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:skydiving_and_flying_company:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "87B005BC-1CBD-47C2-8D99-40F82DE0EDB3",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.62.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "DDF94FB5-C3CB-4272-9382-7BD1770C454A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:dronex-aerial_photography_services:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A781A3AB-613E-4FC6-A2F9-9D644261C21C",
"versionEndExcluding": "1.1.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "089C99E9-CB27-4A5B-B5C4-ABCF34619C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:samadhi-buddhist:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "EFE13FB9-41A3-4EAC-9E01-13300957BF87",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7AE5EF9D-ABDA-4F54-9A61-F2019C2BC859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:tantum-rent_a_car\\,_rent_a_bike\\,_rent_a_scooter_multiskin_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "45A34C98-9240-483F-99D0-C5FDC2AA0D3D",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "089C99E9-CB27-4A5B-B5C4-ABCF34619C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:scientia-public_library:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A3EB47EC-7629-4467-8378-A5E3FCBB853C",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "089C99E9-CB27-4A5B-B5C4-ABCF34619C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:blabber:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0B19EEE4-6E11-4AEF-804C-16277D952B39",
"versionEndExcluding": "1.5.2009",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "E3EA645A-993C-42A0-A80B-F0A661D15633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:impacto_patronus_multi-landing:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "6F9A55CA-206F-4A2B-B86E-243D19474DDB",
"versionEndExcluding": "1.1.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F7C95469-9D20-4591-A0BA-C3965DD36083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:rare_radio:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "8ADA9804-F197-47AD-ADEE-616E913834D7",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.60:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "5E9E0369-067F-4186-9D5D-33CA5EC9C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:piqes-creative_startup_\\\u0026_agency_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "EE320DA3-CC76-499A-A677-F3DA87E0B986",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.59.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "234568F6-471D-4B48-AEEC-503B17C86C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:kratz-digital_agency:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "23A4FDDE-F120-46F1-ABD7-B82BDAD2A492",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.59.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "1DBF97DA-57D9-439B-B143-660F6A61EB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:pixefy:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "C16B1817-9FBB-4EEE-9E86-3ECDCBB8B504",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.59.1.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "6A4EB921-5FCA-45A2-BFA5-9CD80618EC8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:netmix-broadband_\\\u0026_telecom:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "CF93FC05-3096-4279-B2BE-8DEF99CC49ED",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.59:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "3CB9A69F-36AF-4BC8-91B9-662F3D93289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:kids_care:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A3AC4B03-2C61-4D67-9C20-3DC523A24B48",
"versionEndExcluding": "3.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.58.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "9249BF20-B351-4512-9811-9266942265D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:briny-diving_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4E588690-A2D2-4A98-9C8F-07CC7C9A8C4D",
"versionEndExcluding": "1.2.2000",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.57.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "41F85647-F147-4AC8-B218-ECA404225F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:tornados:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "04BD29FF-6355-4DBA-9289-D55C01459EE2",
"versionEndExcluding": "1.1.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.57.4:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "1BA29CAB-0BB3-405D-A765-80AD9F96BC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:gridiron:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "FBF5DC5A-2B7F-41E4-87B8-E8D7FBC86414",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.57.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0BFA7BBD-0DD9-4E6D-81E3-F97307046178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:yungen-digital\\/marketing_agency:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "D708AC36-90A1-429E-B57B-5F5623FFF05D",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.57.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "41F85647-F147-4AC8-B218-ECA404225F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:fc_united-football:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "D7EAE9F1-3D4B-4295-BA23-F9236B43FF34",
"versionEndExcluding": "1.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.57.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0BFA7BBD-0DD9-4E6D-81E3-F97307046178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:bugster-pests_control:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "2306DD6E-97D4-4138-957A-EB97FBC56575",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.57:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "72DDDE9D-0318-4E2D-B823-5E8C131A8C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:rumble-single_fighter_boxer\\,_news\\,_gym\\,_store:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "65F561FD-ABEF-4A54-8A79-36275DFF41B8",
"versionEndExcluding": "1.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.56:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "D9D8E72C-E175-4BAF-931D-08BBADCFE8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:tacticool-shooting_range_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F5455FBD-2F66-462A-85E1-317357FC8DC1",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.55.4:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "FF760417-7D3C-4318-A534-AD3BF2F90A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:coinpress-cryptocurrency_magazine_\\\u0026_blog_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "868125DA-4B87-44C2-92F8-312CC2012B4F",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.55.7:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A7114AAF-A988-4D9E-8075-B8E09D234835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:vihara-ashram\\,_buddhist:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "5BD68932-E838-432F-8473-84B3F272396D",
"versionEndExcluding": "1.1.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.55.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "EE14B83E-CD6E-45C6-97ED-4DF9C765B8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:katelyn-gutenberg_wordpress_blog_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "26CAE12E-D7BA-4670-86C2-5D8E538F3A6C",
"versionEndExcluding": "1.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.55.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "292EFA6F-4DDD-484E-999E-A931059A98A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:heaven_11-multiskin_property_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "2C9477E5-0E73-49A0-9420-4EA4DD750AD5",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.54:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0A95FDC3-F37A-4D19-B252-1B5DCD041D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:especio-food_gutenberg_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F0E5638A-164E-482B-A19D-032F871F9914",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.53.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "727050AA-319A-472A-BC47-A7C52D3D78A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:partiso_electioncampaign:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F715FE4B-1C1B-4728-9854-8C67A77B2FE4",
"versionEndExcluding": "1.1.2002",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.53.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7B8B2A0B-A18A-4F61-9E05-5B5A1E887C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:kargo-freight_transport:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "DF407634-F80B-4FF2-B496-9338319EC333",
"versionEndExcluding": "1.1.2004",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.53.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "79C619F5-8F21-4D83-B480-472ABB74D78A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:maxify-startup_blog:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "152E3D37-488D-40EF-8650-55EB0E55D266",
"versionEndExcluding": "1.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.53.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "727050AA-319A-472A-BC47-A7C52D3D78A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:lingvico-language_learning_school:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F3E948CD-78E2-45C0-87D1-9912FE3295D2",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.53.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "79C619F5-8F21-4D83-B480-472ABB74D78A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:aldo-gutenberg_wordpress_blog_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "526A096A-DDC6-4BB7-87D4-C30946D5956E",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.52.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4E05F3AE-0D09-47DF-ACC2-58E656E87FCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:vixus-startup_\\/_mobile_application:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F6431FAE-D3F2-4F0B-8E2E-B3AF958F589F",
"versionEndExcluding": "1.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.52.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "832709EC-9F72-425E-A091-4BA3B30D44FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:wellspring_water_filter_systems:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4E370374-4060-459A-905B-55D9A01E7660",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.52.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "832709EC-9F72-425E-A091-4BA3B30D44FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:nazareth-church:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4F6E1F20-427A-4D01-800B-96F64092E968",
"versionEndExcluding": "1.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.53:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "ED35A9AC-DDEC-49A9-9154-EB9C13B3BC4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:tediss-soft_play_area\\,_cafe_\\\u0026_child_care_center:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B097B9AD-C06D-474C-BB71-6F3CC6F3EC2F",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.51.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B06D0160-ADC8-4AE7-B35C-64862D850964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:yolox-startup_magazine_\\\u0026_blog_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "868BCA71-CCC3-4617-9747-ACC6E3240E00",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.51.3:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B06D0160-ADC8-4AE7-B35C-64862D850964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:meals_and_wheels-food_truck:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "D386062B-F308-4ED0-A30C-0B86F57DC623",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.51.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "CD6FABBE-A686-4EE2-AFAE-7D78CF3B4064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:rosalinda-vegetarian_\\\u0026_health_coach:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "5D92C6CD-B6D7-4782-8B43-7856CF11D04F",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.50:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A40C76BD-DD5E-4546-8D8E-1496069C0B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:vapester:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "23E53397-A8CB-480F-AE32-2D2092B7E382",
"versionEndExcluding": "1.1.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.50:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A40C76BD-DD5E-4546-8D8E-1496069C0B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:modern_housewife-housewife_and_family_blog:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "78687932-3E1F-4C47-96BA-E0BF25FBFACD",
"versionEndExcluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.50.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "1B364A8C-228A-44A4-80B1-8E471C06493B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:chainpress:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F44C865E-FC06-4CFA-848E-80CA3C3A1987",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.51.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "CD6FABBE-A686-4EE2-AFAE-7D78CF3B4064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:justitia-multiskin_lawyer_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "1F431DFE-C643-4CDA-89D6-25BBBA91491C",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.50:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A40C76BD-DD5E-4546-8D8E-1496069C0B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:hobo_digital_nomad_blog:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4D25045C-BDF8-4A5C-96A3-7F45CD4A1CDF",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.50.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "1B364A8C-228A-44A4-80B1-8E471C06493B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:rhodos-creative_corporate_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "0D8858EB-787E-45D1-B1C2-5D023840BCCA",
"versionEndExcluding": "1.3.2001",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.50:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A40C76BD-DD5E-4546-8D8E-1496069C0B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:buzz_stone-magazine_\\\u0026_blog:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "A18D53D3-1D92-43A8-AB72-0C971C6A8C51",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.0.49.10:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F7EDB5DE-C5E5-4C68-A83C-EF7C6C630163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:corredo_sport_event:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "431FFDA6-254A-4387-9894-CCC5AFA9D573",
"versionEndExcluding": "1.1.2003",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.49.8:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "533F071F-26BB-4978-91E3-97FECD4EECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:savejulia_personal_fundraising_campaign:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "7159FD8E-6E68-4FC7-AA46-31205226DE0C",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.49.6:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "310CFAEA-F13F-4B15-8E9A-13AE7CFFEA58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:bonkozoo_zoo:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "DAA36195-F528-4F08-A0A5-A87C6BD9995A",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.49.6.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "43002470-1B51-44AB-A07E-F7796443987B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:renewal-plastic_surgeon_clinic:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B206FC3A-C47F-4D83-8848-28A1E376AC46",
"versionEndExcluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.49.5:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "D608B893-4F2D-4828-91F8-2E4B597A3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:gloss_blog:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "8A379218-18C2-4F3D-912B-5999628796AA",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.58.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "9249BF20-B351-4512-9811-9266942265D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:plumbing-repair\\,_building_\\\u0026_construction_wordpress_theme:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "469075B3-560A-4EFD-8B81-62A6FFBC5853",
"versionEndExcluding": "3.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:themerex:addons:1.6.61.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "089C99E9-CB27-4A5B-B5C4-ABCF34619C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:themerex:topper_theme_and_skins:-:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4ED89805-5F82-40BA-B669-7416602E5938",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter."
},
{
"lang": "es",
"value": "El plugin ThemeREX Addons antes del 09-03-2020 para WordPress, presenta una falta de control de acceso en el endpoint de la API REST /trx_addons/v2/get/sc_layout, permitiendo que funciones PHP sean ejecutadas por cualquier usuario, porque el archivo includes/plugin.rest-api.php llama a la funci\u00f3n trx_addons_rest_get_sc_layout con un par\u00e1metro sc no seguro."
}
],
"id": "CVE-2020-10257",
"lastModified": "2024-11-21T04:55:05.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-10T00:15:10.757",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
},
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-6997 (GCVE-0-2025-6997)
Vulnerability from cvelistv5 – Published: 2025-07-19 08:24 – Updated: 2025-07-21 18:09
VLAI?
Title
ThemeREX Addons <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin’s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated 'svg' parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL’s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ThemeREX | ThemeREX Addons |
Affected:
* , ≤ 2.35.1.1
(semver)
|
Credits
Matthew Rollings
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T17:58:14.309750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T18:09:51.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ThemeREX Addons",
"vendor": "ThemeREX",
"versions": [
{
"lessThanOrEqual": "2.35.1.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin\u2019s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated \u0027svg\u0027 parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL\u2019s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-19T08:24:22.251Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e1b19017-b2f0-4c3b-b263-1fbec6f1dce4?source=cve"
},
{
"url": "https://themerex.net/wp/download_plugins/themerex-addons/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-18T19:52:51.000+00:00",
"value": "Disclosed"
}
],
"title": "ThemeREX Addons \u003c= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6997",
"datePublished": "2025-07-19T08:24:22.251Z",
"dateReserved": "2025-07-01T22:08:38.522Z",
"dateUpdated": "2025-07-21T18:09:51.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13448 (GCVE-0-2024-13448)
Vulnerability from cvelistv5 – Published: 2025-01-28 06:38 – Updated: 2025-01-28 15:14
VLAI?
Title
ThemeREX Addons <= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity ?
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ThemeREX Addons |
Affected:
* , ≤ 2.32.3
(semver)
|
Credits
Tonn
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13448",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:55:43.776733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:14:51.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ThemeREX Addons",
"vendor": "n/a",
"versions": [
{
"lessThanOrEqual": "2.32.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tonn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the \u0027trx_addons_uploads_save_data\u0027 function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T06:38:41.703Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c1372bd-821d-439c-9b11-dfa5f08dd0dd?source=cve"
},
{
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-15T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-01-27T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ThemeREX Addons \u003c= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13448",
"datePublished": "2025-01-28T06:38:41.703Z",
"dateReserved": "2025-01-15T23:13:47.848Z",
"dateUpdated": "2025-01-28T15:14:51.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0682 (GCVE-0-2025-0682)
Vulnerability from cvelistv5 – Published: 2025-01-25 05:30 – Updated: 2025-02-12 20:41
VLAI?
Title
ThemeREX Addons <= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
Severity ?
8.8 (High)
CWE
- CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ThemeREX Addons |
Affected:
* , ≤ 2.33.0
(semver)
|
Credits
István Márton
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0682",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:52:39.684012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:32.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ThemeREX Addons",
"vendor": "n/a",
"versions": [
{
"lessThanOrEqual": "2.33.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the \u0027trx_sc_reviews\u0027 shortcode \u0027type\u0027 attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-98",
"description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-25T05:30:06.255Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/15a9718f-f877-4e33-8f7a-950791c4ca85?source=cve"
},
{
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-23T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-01-23T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-01-24T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ThemeREX Addons \u003c= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0682",
"datePublished": "2025-01-25T05:30:06.255Z",
"dateReserved": "2025-01-23T17:22:10.767Z",
"dateUpdated": "2025-02-12T20:41:32.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10257 (GCVE-0-2020-10257)
Vulnerability from cvelistv5 – Published: 2020-03-09 23:41 – Updated: 2024-08-04 10:58
VLAI?
Summary
The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-09T23:41:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10257",
"datePublished": "2020-03-09T23:41:34",
"dateReserved": "2020-03-09T00:00:00",
"dateUpdated": "2024-08-04T10:58:40.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6997 (GCVE-0-2025-6997)
Vulnerability from nvd – Published: 2025-07-19 08:24 – Updated: 2025-07-21 18:09
VLAI?
Title
ThemeREX Addons <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin’s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated 'svg' parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL’s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ThemeREX | ThemeREX Addons |
Affected:
* , ≤ 2.35.1.1
(semver)
|
Credits
Matthew Rollings
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T17:58:14.309750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T18:09:51.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ThemeREX Addons",
"vendor": "ThemeREX",
"versions": [
{
"lessThanOrEqual": "2.35.1.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.35.1.1 due to insufficient input sanitization and output escaping. The plugin\u2019s SVG rendering routine calls the trx_addons_get_svg_from_file() function on an unvalidated \u0027svg\u0027 parameter supplied via the shortcode or Elementor widget settings, then outputs it via the trx_addons_show_layout() function. Because there is no check on the URL\u2019s origin, scheme, or the SVG content itself, authenticated attackers, with Contributor-level access and above, can supply a remote SVG and inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-19T08:24:22.251Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e1b19017-b2f0-4c3b-b263-1fbec6f1dce4?source=cve"
},
{
"url": "https://themerex.net/wp/download_plugins/themerex-addons/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-18T19:52:51.000+00:00",
"value": "Disclosed"
}
],
"title": "ThemeREX Addons \u003c= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6997",
"datePublished": "2025-07-19T08:24:22.251Z",
"dateReserved": "2025-07-01T22:08:38.522Z",
"dateUpdated": "2025-07-21T18:09:51.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13448 (GCVE-0-2024-13448)
Vulnerability from nvd – Published: 2025-01-28 06:38 – Updated: 2025-01-28 15:14
VLAI?
Title
ThemeREX Addons <= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity ?
9.8 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ThemeREX Addons |
Affected:
* , ≤ 2.32.3
(semver)
|
Credits
Tonn
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13448",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:55:43.776733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:14:51.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ThemeREX Addons",
"vendor": "n/a",
"versions": [
{
"lessThanOrEqual": "2.32.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tonn"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the \u0027trx_addons_uploads_save_data\u0027 function in all versions up to, and including, 2.32.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T06:38:41.703Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7c1372bd-821d-439c-9b11-dfa5f08dd0dd?source=cve"
},
{
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-15T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-01-27T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ThemeREX Addons \u003c= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13448",
"datePublished": "2025-01-28T06:38:41.703Z",
"dateReserved": "2025-01-15T23:13:47.848Z",
"dateUpdated": "2025-01-28T15:14:51.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0682 (GCVE-0-2025-0682)
Vulnerability from nvd – Published: 2025-01-25 05:30 – Updated: 2025-02-12 20:41
VLAI?
Title
ThemeREX Addons <= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode
Summary
The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trx_sc_reviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.
Severity ?
8.8 (High)
CWE
- CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ThemeREX Addons |
Affected:
* , ≤ 2.33.0
(semver)
|
Credits
István Márton
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0682",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:52:39.684012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:32.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ThemeREX Addons",
"vendor": "n/a",
"versions": [
{
"lessThanOrEqual": "2.33.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the \u0027trx_sc_reviews\u0027 shortcode \u0027type\u0027 attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-98",
"description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-25T05:30:06.255Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/15a9718f-f877-4e33-8f7a-950791c4ca85?source=cve"
},
{
"url": "https://themeforest.net/item/qwery-multipurpose-business-wordpress-theme/29678687"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-23T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-01-23T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-01-24T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "ThemeREX Addons \u003c= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0682",
"datePublished": "2025-01-25T05:30:06.255Z",
"dateReserved": "2025-01-23T17:22:10.767Z",
"dateUpdated": "2025-02-12T20:41:32.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10257 (GCVE-0-2020-10257)
Vulnerability from nvd – Published: 2020-03-09 23:41 – Updated: 2024-08-04 10:58
VLAI?
Summary
The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-09T23:41:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2020/03/zero-day-vulnerability-in-themerex-addons-now-patched/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10257",
"datePublished": "2020-03-09T23:41:34",
"dateReserved": "2020-03-09T00:00:00",
"dateUpdated": "2024-08-04T10:58:40.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}