VYPR

Customify

by WordPress

CVEs (3)

  • CVE-2025-26920MedMay 19, 2025
    risk 0.35cvss 5.4epss 0.00

    Missing Authorization vulnerability in pressmaximum Customify customify-theme allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customify: from n/a through <= 0.4.8.

  • CVE-2025-8669MedOct 3, 2025
    risk 0.28cvss 4.3epss 0.00

    The Customify theme for WordPress is vulnerable to Cross-Site Request Forgery in version 0.4.11. This is due to missing or incorrect nonce validation on the reset_customize_section function. This makes it possible for unauthenticated attackers to reset theme customization…

  • CVE-2023-27633MedNov 22, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Customify – Intuitive Website Styling plugin <= 2.10.4 versions.