"boostifythemes" — Vulnerability Search

3 vulnerabilities found for “boostifythemes”

CVE-2021-24297

The Goto WordPress theme before 2.1 did not properly sanitize the formvalue JSON POST parameter in its tl_filter AJAX action, leading to an unauthenticated Reflected Cross-site Scripting (XSS) vulnerability.

boostifythemes / goto

Network

Published May 24, 2021

CVE-2021-24314

CRITICAL9.8

The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injection issue

boostifythemes / goto

Network

Published May 17, 2021

CVE-2021-24235

MEDIUM6.1

The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.

boostifythemes / goto

Network

Published Apr 22, 2021

Search Vulnerabilities