High 7.5 Unfixed
2025-04-24≤ 1.4.5
CVE-2025-32921
Arrival
Minimum safe version
1.4.3
Update to 1.4.3 or later to address 2 fixable vulnerabilities
Latest available1.4.5 ✓Affected up to1.4.2 ⚠⚠ 3 vulnerabilities have no fix
Medium 6.5
2022-04-18< 1.4.3
CVE-2022-23975
N/A
2022-01-11< 1.4.3
AccessPress Themes and Plugin <= Various Versions - Cross-Site Request Forgery
N/A Unfixed
2022-01-24≤ 1.4.2
WordPress Arrival theme <= 1.4.2 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
N/A Unfixed
2022-01-28≤ 1.4.2
WordPress Arrival theme <= 1.4.2 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
High 8.8
2021-12-24≤ 1.4.2
WordPress Arrival theme <= 1.4.2 - Arbitrary File Upload vulnerability