GCVE - cpe:2.3:a:themify:themify_builder:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:themify:themify_builder:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Themify (`f684b9e7-8f88-51e9-b947-ef1fa0635887`)
Product	Themify Builder (`0a1ebbeb-7e93-545d-8ed4-78f26c9fef6e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-56216`	vulnerable	2026-06-03 14:57:42.669724	WordPress Themify Builder plugin <= 7.6.3 - Local File Inclusion vulnerability MEDIUM (6.5) Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme Themify Builder themify-builder allows PHP Local File Inclusion.This issue affects Themify Builder: from n/a through <= 7.6.3. Published: 2024-12-31T09:59:08.138Z Updated: 2026-04-28T16:10:55.120Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/themify-builder/vulnerability/wordpress-themify-builder-plugin-7-6-3-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-52423`	vulnerable	2026-06-03 14:57:29.472804	WordPress Themify Builder plugin <= 7.6.5 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Builder themify-builder allows Stored XSS.This issue affects Themify Builder: from n/a through <= 7.6.5. Published: 2024-11-18T16:03:45.592Z Updated: 2026-04-28T16:10:41.569Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/themify-builder/vulnerability/wordpress-themify-builder-plugin-7-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-24872`	vulnerable	2026-06-03 14:55:05.977311	WordPress Themify Builder Plugin <= 7.0.5 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (4.3) Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects Themify Builder: from n/a through 7.0.5. Published: 2024-02-21T06:57:31.115Z Updated: 2026-04-28T16:09:11.016Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/themify-builder/wordpress-themify-builder-plugin-7-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.