Known Vulnerabilities for products from ThemeGrill
Listed below are 8 of the newest known vulnerabilities associated with the vendor "ThemeGrill".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40730 json | Not Provided | 2026-04-15 | 2026-04-21 | |
| CVE-2024-37432 json | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Estee... | Not Provided | 2024-07-22 | 2026-04-28 |
| CVE-2024-34571 json | Not Provided | 2024-05-08 | 2026-04-28 | |
| CVE-2024-33939 json | Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-syste... | Not Provided | 2025-05-19 | 2026-04-23 |
| CVE-2024-33540 json | Not Provided | 2024-04-29 | 2026-04-28 | |
| CVE-2024-24882 json | Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Maste... | Not Provided | 2024-05-17 | 2026-04-29 |
| CVE-2024-1462 json | The Maintenance Page plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 1... | Not Provided | 2024-03-13 | 2026-04-08 |
| CVE-2024-1370 json | The Maintenance Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on t... | Not Provided | 2024-03-13 | 2026-04-08 |
| CVE-2024-0679 json | The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin_action_... | Not Provided | 2024-01-20 | 2026-04-08 |
| CVE-2020-36334 json | themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database. | 8.8 - HIGH | 2021-05-05 | 2021-05-11 |
| CVE-2020-36333 json | themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_acti... | 9.1 - CRITICAL | 2021-05-05 | 2021-05-11 |