Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
divi vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2020-35945
An issue exists in the Divi Builder plugin, Divi theme, and Divi Extra theme prior to 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is...
Elegant Themes Divi
Elegant Themes Divi Builder
Elegant Themes Divi Extra
445
VMScore
CVE-2018-19162
Divi up to and including 4.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim'...
Diviproject Divi
NA
CVE-2023-6744
The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'et_pb_text' shortcode in all versions up to, and including, 4.23.1 due to insufficient input sanitization and output escaping on user supplied custom field data. This makes ...
Elegantthemes Divi
511
VMScore
CVE-2015-1579
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate ...
Elegant Themes Divi -
2 EDB exploits
4 Github repositories
NA
CVE-2023-29099
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Elegant themes Divi theme <= 4.20.2 versions.
Elegant Themes Divi
510
VMScore
CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution (revslider) plugin prior to 4.2 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
Themepunch Slider Revolution
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started