Everestthemes
Products
3- 4 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-39360 | Hig | 0.49 | 7.5 | 0.01 | Apr 24, 2025 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in everestthemes Grace Mag grace-mag allows PHP Local File Inclusion.This issue affects Grace Mag: from n/a through <= 1.1.5. | ||
| CVE-2024-32531 | Hig | 0.46 | 7.1 | 0.00 | Apr 17, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8. | ||
| CVE-2025-62992 | Med | 0.42 | 6.5 | 0.00 | Dec 31, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11. | ||
| CVE-2025-62946 | Med | 0.34 | 5.3 | 0.00 | Oct 27, 2025 | Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8. | ||
| CVE-2023-52185 | Med | 0.34 | 5.3 | 0.00 | Dec 31, 2023 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a… | ||
| CVE-2025-49238 | Med | 0.28 | 4.3 | 0.00 | Jun 6, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Cross Site Request Forgery.This issue affects Everest Backup: from n/a through <= 2.3.3. |
- risk 0.49cvss 7.5epss 0.01
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in everestthemes Grace Mag grace-mag allows PHP Local File Inclusion.This issue affects Grace Mag: from n/a through <= 1.1.5.
- risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8.
- risk 0.42cvss 6.5epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8.
- risk 0.34cvss 5.3epss 0.00
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Cross Site Request Forgery.This issue affects Everest Backup: from n/a through <= 2.3.3.