Approved changes feed: RSS · Atom

cpe:2.3:a:purethemes:listeo:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPurethemes (6ab5e8f3-e41b-5944-858e-03509e19c868)
ProductListeo (7a8ad577-5a37-5ff6-9026-9ef7abad9e88)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-24318 vulnerable 2026-06-08 05:30:04.180663 Listeo < 1.6.11 - Multiple Authenticated IDOR Vulnerabilities
The Listeo WordPress theme before 1.6.11 did not ensure that the Post/Page and Booking to delete belong to the user making the request, allowing any authenticated users to delete arbitrary page/post and booking via an IDOR vector.
Published: 2021-06-01T11:33:30.000Z
Updated: 2024-08-03T19:28:23.792Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-24317 vulnerable 2026-06-08 05:30:04.179730 Listeo < 1.6.11 - Multiple XSS & XFS vulnerabilities
The Listeo WordPress theme before 1.6.11 did not properly sanitise some parameters in its Search, Booking Confirmation and Personal Message pages, leading to Cross-Site Scripting issues
Published: 2021-06-01T11:33:30.000Z
Updated: 2024-08-03T19:28:23.412Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.