The7

Dream-Theme

Developer

N/A

Latest version

N/A

Downloads

N/A

Last updated

WordPress Theme

Active VDP

Report vulnerability

Vulnerabilities

Security Policy

Security Contributors

Vulnerability history

2 present

6 fixed

1 Mitigation rules

Authenticated (Contributor+) Stored Cross-Site Scripting via 'the7_fancy_title_css' vulnerability
<= 12.9.1
Oct 25, 2025
Cross Site Scripting (XSS) vulnerability
<= 12.8.0.2
Oct 5, 2025
Local File Inclusion vulnerability
<= 12.8.0.2
Oct 4, 2025
Authenticated (Contributor+) Stored Cross-Site Scripting via title and data-dt-img-description Attributes vulnerability
<= 12.6.0
Aug 11, 2025
Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute vulnerability
<= 11.13.0
Jun 25, 2024
Cross-Site Request Forgery (CSRF)
<= 11.7.3
Jun 27, 2023
Reflected Cross Site Scripting (XSS) vulnerability
<= 11.6.0
Apr 6, 2023
Cross Site Scripting vulnerability
<= 2.1.0
May 4, 2015