Ultra Seven

Vulnerabilities 5Slug ultra-sevenLatest version 1.2.8WordPress.org →Closed
Medium 6.5 Unfixed Closed
2022-04-18≤ 1.2.8

CVE-2022-23975

CVEWordfence
N/A Unfixed Closed
2022-01-11≤ 1.2.8

AccessPress Themes and Plugin <= Various Versions - Cross-Site Request Forgery

Wordfence
High 8.8 Closed
2021-12-24≤ 1.2.8

WordPress Ultra Seven theme <= 1.2.8 - Arbitrary File Upload vulnerability

PatchstackCVEWordfence
N/A Unfixed Closed
2022-01-24≤ 1.2.8

WordPress Ultra Seven theme <= 1.2.8 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation

Patchstack
N/A Unfixed Closed
2022-01-28≤ 1.2.8

WordPress Ultra Seven theme <= 1.2.8 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Patchstack