Orbit Fox by ThemeIsle
Themeisle
Developer
3.0.3
Latest version
100,000
Installations
Nov 3, 2025
Last updated
Vulnerability history
0 present
18 fixed
3 Mitigation rules
- Authenticated (Author+) Stored Cross-Site Scripting via Post Taxonomy vulnerability<= 3.0.2Nov 4, 2025
- Author+ Server-Side Request Forgery vulnerability< 3.0.2Oct 24, 2025
- Cross Site Scripting (XSS) Vulnerability<= 3.0.0Sep 3, 2025
- Cross Site Scripting (XSS) vulnerability<= 2.10.44Feb 3, 2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via title_tag Parameter vulnerability<= 2.10.43Jan 10, 2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget vulnerability<= 2.10.43Jan 9, 2025
- Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability<= 2.10.36Aug 22, 2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 2.10.34Jun 21, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripiting via Registration Form Widget vulnerability<= 2.10.32Mar 8, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 2.10.31Feb 26, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 2.10.30Feb 26, 2024
- Missing Authorization vulnerability<= 2.10.28Feb 2, 2024
- Cross-Site Request Forgery vulnerability<= 2.10.29Feb 2, 2024
- Authenticated(Contributor+) Stored Cross-site Scripting via Pricing Table Elementor Widget vulnerability<= 2.10.27Jan 16, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via custom fields vulnerability<= 2.10.26Jan 8, 2024
- Author+ Server-Side Request Forgery (SSRF) vulnerability< 2.10.24Apr 27, 2023
- Authenticated Privilege Escalation vulnerability<= 2.10.2Jan 12, 2021
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 2.10.2Jan 12, 2021