Known Vulnerabilities for Envo Extra by Envothemes
Listed below are 2 of the newest known vulnerabilities associated with "Envo Extra" by "Envothemes".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32386 json | Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Contr... | Not Provided | 2026-03-13 | 2026-04-01 |
| CVE-2025-66066 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo Extra e... | Not Provided | 2025-11-21 | 2026-04-23 |
| CVE-2025-47471 json | Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Contr... | Not Provided | 2025-05-07 | 2026-04-23 |
| CVE-2024-5645 json | The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_css_id’ parameter within... | Not Provided | 2024-06-07 | 2026-04-08 |
| CVE-2024-4385 json | The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, a... | Not Provided | 2024-05-16 | 2026-04-08 |