MPG
Themeisle
Developer
4.1.4
Latest version
3,000
Installations
Nov 5, 2025
Last updated
Vulnerability history
0 present
12 fixed
3 Mitigation rules
- Authenticated (Editor+) Server-Side Request Forgery via fileUrl vulnerability<= 4.0.5Jan 27, 2025
- Authenticated (Editor+) Directory Traversal to Limited File Deletion vulnerability<= 4.0.2Nov 12, 2024
- Missing Authorization vulnerability<= 4.0.1Oct 31, 2024
- SQL Injection vulnerability<= 3.4.7Sep 25, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 3.4.0Apr 5, 2024
- Broken Access Control vulnerability<= 3.4.0Mar 26, 2024
- Remote Code Execution (RCE) vulnerability<= 3.4.0Mar 13, 2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 2.8.12Jul 19, 2023
- SQL Injection vulnerability<= 3.3.19May 23, 2023
- Authenticated (Administrator+) SQL Injection vulnerability<= 3.3.17May 16, 2023
- Cross-Site Request Forgery vulnerability<= 3.3.17May 16, 2023
- Cross Site Request Forgery (CSRF)<= 3.3.9Feb 20, 2023