Onepress
by WordPress
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-38739 | Med | 0.33 | 5.1 | 0.00 | Jul 20, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS.This issue affects OnePress: from n/a through 2.3.8. | |
| CVE-2025-22643 | Med | 0.28 | 4.3 | 0.00 | Feb 4, 2025 | Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through <= 2.3.11. | |
| CVE-2024-37448 | Med | 0.28 | 4.3 | 0.00 | Jan 2, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through <= 2.3.6. |
- risk 0.33cvss 5.1epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS.This issue affects OnePress: from n/a through 2.3.8.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in famethemes OnePress onepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnePress: from n/a through <= 2.3.11.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in famethemes OnePress onepress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through <= 2.3.6.