The Monday

Vulnerabilities 6Slug the-mondayLatest version 1.4.1WordPress.org →Closed

Medium 6.5 Unfixed Closed

2022-04-18≤ 1.4.1

CVE-2022-23975

CVE Wordfence

N/A Unfixed Closed

2022-01-11≤ 1.4.1

AccessPress Themes and Plugin <= Various Versions - Cross-Site Request Forgery

Wordfence

N/A Unfixed Closed

2022-01-24≤ 1.4.1

WordPress The Monday theme <= 1.4.1 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi (Patchstack) in

Patchstack

N/A Unfixed Closed

2022-01-28≤ 1.4.1

WordPress The Monday theme <= 1.4.1 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Patchstack

High 8.8 Closed

2021-11-28≤ 1.4.1

WordPress The Monday theme <= 1.4.1 - Arbitrary File Upload vulnerability

Patchstack CVE Wordfence

Critical 9.8 Unfixed Closed

2022-02-21≤ 1.4.1

CVE-2021-24867

CVE Wordfence WPScan