WordPress Theme Vulnerabilities Please use the search to find what you're looking for Product Title Disclosure Date CarSpot WordPress CarSpot theme <= 2.2.0 - Multiple Vulnerabilities (Authenticated Persistent XSS & IDOR) 2020-01-27 Traveler WordPress Travel Booking theme <= 2.7.8.5 - Reflected & Persistent Cross-Site Scripting (XSS) vulnerabilities 2020-01-13 CityBook WordPress CityBook theme <= 2.3.3 - Multiple vulnerabilities (Reflected XSS, Persistent XSS & IDOR) 2020-01-09 CityBook WordPress CityBook premium theme <= 2.3.3 - Multiple vulnerabilities 2020-01-09 Divi WordPress Divi premium theme <= 4.0.9 - Authenticated Code Injection 2020-01-05 Extra WordPress Extra premium theme <= 4.0.9 - Authenticated Code Injection vulnerability 2020-01-05 ListingPro WordPress ListingPro premium theme <= 2.0.14.2 - Reflected & Persistent Cross-Site Scripting (XSS) vulnerability 2019-12-13 Superlist WordPress Superlist premium theme <= 2.9.2 - Persistent Cross-Site Scripting (XSS) vulnerability 2019-12-12 Mesmerize WordPress Mesmerize theme <=1.6.89 - Authenticated Options Update vulnerability 2019-12-02 Materialis WordPress Materialis theme <=1.0.172 - Authenticated Options Update vulnerability 2019-12-02 Real Estate 7 WordPress Real Estate 7 plugin <= 2.9.0 - Stored Cross-Site Scripting (XSS) vulnerability 2019-08-06 Real Estate 7 WordPress Real Estate 7 plugin <= 2.9.0 - Insecure Direct Object Reference vulnerability 2019-08-06 Zoner - Real Estate WordPress Zoner - Real Estate premium theme <= 4.1 - Reflected & Stored Cross-Site Scripting (XSS) vulnerability 2019-07-05 JobCareer WordPress JobCareer theme - 2.5 - Stored Cross-Site Scripting (XSS) vulnerability 2019-06-11 Traveler WordPress Travel Booking Theme <= 2.7 - Reflected & Stored Cross-Site Scripting XSS vulnerability 2019-06-11 Traveler WordPress Travel Booking theme <= 2.7.8.3 - Reflected & Stored Cross-Site Scripting (XSS) vulnerabilities 2019-05-05 CarSpot WordPress CarSpot theme <= 2.1.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability 2019-04-23 Newspaper WordPress Newspaper theme <= 9.2.2 - Cross-Site Scripting (XSS) vulnerability 2019-02-14 JobCareer WordPress JobCareer premium theme <= 2.4 - User enumeration & Password Reset vulnerabilities 2018-12-24 Supreme Directory WordPress Supreme Directory theme <= 1.1.8 - Unauthenticated Cross-Site Scripting (XSS) vulnerability 2018-08-28 1 2 3 4 5 ... 22 23 24