Browse all 5 CVE security advisories affecting futuriowp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
FuturioWP is a WordPress theme designed for business and portfolio websites, offering pre-built templates and customization options. Historically, it has been susceptible to multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, with five CVEs documented to date. These vulnerabilities often stem from insufficient input sanitization and improper access controls. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for users who fail to maintain timely updates. The theme's security posture emphasizes the importance of regular patching and security hardening for WordPress installations using third-party themes.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-53802 | WordPress Futurio Extra plugin <= 2.0.14 - Cross Site Scripting (XSS) vulnerability — Futurio ExtraCWE-79 | 6.5 | Medium | 2024-12-06 |
| CVE-2024-10695 | Futurio Extra <= 2.0.13 - Authenticated (Contributor+) Post Disclosure — Futurio ExtraCWE-639 | 4.3 | Medium | 2024-11-12 |
| CVE-2024-50446 | WordPress Futurio Extra plugin <= 2.0.11 - Cross Site Scripting (XSS) vulnerability — Futurio ExtraCWE-79 | 6.5 | Medium | 2024-10-28 |
| CVE-2024-5646 | Futurio Extra <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Text Block Widget — Futurio ExtraCWE-79 | 6.4 | Medium | 2024-06-11 |
| CVE-2023-40201 | WordPress Futurio Extra Plugin <= 1.8.4 is vulnerable to Cross Site Request Forgery (CSRF) — Futurio ExtraCWE-352 | 6.5 | Medium | 2023-10-03 |
This page lists every published CVE security advisory associated with futuriowp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.