VYPR

Mesmerize

by Extendthemes

CVEs (2)

  • CVE-2019-25142HigJun 7, 2023
    risk 0.57cvss 8.8epss 0.01

    The Mesmerize & Materialis themes for WordPress are vulnerable to authenticated options change in versions up to, and including,1.6.89 (Mesmerize) and 1.0.172 (Materialis). This is due to 'companion_disable_popup' function only checking the nonce while sending user input to the…

  • CVE-2024-37431MedJan 2, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in extendthemes Mesmerize mesmerize allows Cross Site Request Forgery.This issue affects Mesmerize: from n/a through <= 1.6.120.