Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More

Vulnerabilities 25Slug themeisle-companionLatest version 3.0.5WordPress.org →

Minimum safe version

3.0.3

Update to 3.0.3 or later to address 25 fixable vulnerabilities

Latest available3.0.5
Medium 6.4
2025-01-10< 2.10.44

CVE-2024-13183

CVEWordfence
Medium 5.4
2025-01-09< 2.10.44

WordPress Orbit Fox by ThemeIsle Plugin <= 2.10.43 is vulnerable to Cross Site Scripting (XSS)

PatchstackWordfenceCVE
N/A
2024-01-15< 2.10.28

Orbit Fox by ThemeIsle <= 2.10.27 - Authenticated(Contributor+) Stored Cross-site Scripting via Pricing Table Elementor Widget

Wordfence
N/A
< 2.6.4

Orbit Fox by ThemeIsle &lt;= 2.6.3 -Does not properly Authenticate REST API Calls

WPScan
N/A
2023-04-27< 2.10.24

WordPress Orbit Fox by ThemeIsle Plugin < 2.10.24 is vulnerable to Server Side Request Forgery (SSRF)

Patchstack
N/A
2018-11-12< 2.6.4

Orbit Fox by ThemeIsle <= 2.6.3 - Improper REST Capabilities Checks

Wordfence
N/A
2021-01-12< 2.10.3

WordPress Orbit Fox by ThemeIsle plugin <= 2.10.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack
N/A
2021-01-12< 2.10.3

WordPress Orbit Fox by ThemeIsle plugin <= 2.10.2 - Authenticated Privilege Escalation vulnerability

Patchstack