GCVE - cpe:2.3:a:favethemes:homey:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:favethemes:homey:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Favethemes (`b7413514-df46-5c03-8515-1bf5cdae053b`)
Product	Homey (`340477e5-bd00-587d-b2ed-66eb8f7d4950`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-52834`	vulnerable	2026-06-08 07:31:13.022711	WordPress Homey theme <= 2.4.7 - SQL Injection vulnerability CRITICAL (9.3) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in favethemes Homey homey allows SQL Injection.This issue affects Homey: from n/a through <= 2.4.7. Published: 2025-06-27T11:52:13.285Z Updated: 2026-04-28T16:13:20.001Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/homey/vulnerability/wordpress-homey-2-4-5-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-31037`	vulnerable	2026-06-08 07:17:02.265485	WordPress Homey theme <= 2.4.5 - Reflected Cross Site Scripting (XSS) vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey homey allows Reflected XSS.This issue affects Homey: from n/a through <= 2.4.5. Published: 2025-07-04T11:18:07.116Z Updated: 2026-04-28T16:12:03.954Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/homey/vulnerability/wordpress-homey-theme-2-4-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-51800`	vulnerable	2026-06-08 06:52:12.845095	WordPress Homey theme <= 2.4.1 - Privilege Escalation vulnerability CRITICAL (9.8) Incorrect Privilege Assignment vulnerability in Favethemes Homey allows Privilege Escalation.This issue affects Homey: from n/a through 2.4.1. Published: 2025-04-04T13:47:14.367Z Updated: 2026-04-28T16:10:36.583Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/theme/homey/vulnerability/wordpress-homey-theme-2-4-1-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.