Mythemeshop
Products
3- 4 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-28961 | Cri | 0.64 | 9.8 | 0.01 | Jul 16, 2025 | Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Object Injection.This issue affects URL Shortener: from n/a through <= 3.0.7. | ||
| CVE-2025-46482 | Med | 0.42 | 6.5 | 0.00 | Apr 25, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyThemeShop WP Quiz wp-quiz allows Stored XSS.This issue affects WP Quiz: from n/a through <= 2.0.10. | ||
| CVE-2025-28963 | Med | 0.35 | 5.4 | 0.00 | Jul 4, 2025 | Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Server Side Request Forgery.This issue affects URL Shortener: from n/a through <= 3.0.7. | ||
| CVE-2023-23896 | Med | 0.35 | 5.4 | 0.01 | Jan 17, 2024 | Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop.This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17. | ||
| CVE-2021-36829 | Med | 0.31 | 4.8 | 0.00 | Sep 6, 2022 | Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 at WordPress. | ||
| CVE-2024-5802 | 0.00 | — | 0.00 | Jul 9, 2024 | The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed |
- risk 0.64cvss 9.8epss 0.01
Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Object Injection.This issue affects URL Shortener: from n/a through <= 3.0.7.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyThemeShop WP Quiz wp-quiz allows Stored XSS.This issue affects WP Quiz: from n/a through <= 2.0.10.
- risk 0.35cvss 5.4epss 0.00
Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Server Side Request Forgery.This issue affects URL Shortener: from n/a through <= 3.0.7.
- risk 0.35cvss 5.4epss 0.01
Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop.This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17.
- risk 0.31cvss 4.8epss 0.00
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 at WordPress.
- CVE-2024-5802Jul 9, 2024risk 0.00cvss —epss 0.00
The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed