GCVE - cpe:2.3:a:themify:themify_ultra:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:themify:themify_ultra:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Themify (`f684b9e7-8f88-51e9-b947-ef1fa0635887`)
Product	Themify Ultra (`ab62963e-6891-584b-809a-b2205b3be199`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-46149`	vulnerable	2026-06-03 14:53:09.102061	WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload CRITICAL (9.9) Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. Published: 2023-12-20T18:33:09.420Z Updated: 2026-04-28T16:08:45.676Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-unrestricted-zip-extraction-lead-to-rce-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46148`	vulnerable	2026-06-03 14:53:09.101718	WordPress Themify Ultra theme <= 7.3.5 - Authenticated Arbitrary Settings Change vulnerability HIGH (8.8) Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. Published: 2024-06-19T11:13:30.499Z Updated: 2026-04-28T16:08:45.586Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-arbitrary-settings-change-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46147`	vulnerable	2026-06-03 14:53:09.100162	WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to PHP Object Injection HIGH (7.4) Deserialization of Untrusted Data vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. Published: 2023-12-20T13:37:16.776Z Updated: 2026-04-28T16:08:45.574Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-php-object-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46146`	vulnerable	2026-06-03 14:53:09.099774	WordPress Themify Ultra theme <= 7.3.5 - Multiple Broken Access Control vulnerability HIGH (8.3) Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. Published: 2024-06-19T11:15:06.445Z Updated: 2026-04-28T16:08:45.528Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-multiple-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46145`	vulnerable	2026-06-03 14:53:09.098198	WordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerability HIGH (8.8) Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5. Published: 2024-05-17T08:32:43.678Z Updated: 2026-04-28T16:08:45.612Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.