GCVE - cpe:2.3:a:uxper:nuss:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:uxper:nuss:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Uxper (`6c56a358-8d6f-5c7d-9d6e-386b1220c2cf`)
Product	Nuss (`a5a0c2a3-e06f-5e86-be64-002489f72288`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-52827`	vulnerable	2026-06-08 07:31:13.014249	WordPress Nuss theme <= 1.3.3 - PHP Object Injection Vulnerability HIGH (8.8) Deserialization of Untrusted Data vulnerability in uxper Nuss nuss allows Object Injection.This issue affects Nuss: from n/a through <= 1.3.3. Published: 2025-06-27T11:52:14.560Z Updated: 2026-05-12T00:27:38.506Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/nuss/vulnerability/wordpress-nuss-1-3-3-php-object-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-52804`	vulnerable	2026-06-08 07:31:12.991466	WordPress Nuss theme <= 1.3.7.1 - Broken Access Control Vulnerability HIGH (7.5) Missing Authorization vulnerability in uxper Nuss nuss allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Nuss: from n/a through <= 1.3.7.1. Published: 2025-07-16T11:27:53.783Z Updated: 2026-04-28T16:13:19.221Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/nuss/vulnerability/wordpress-nuss-1-3-3-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49894`	vulnerable	2026-06-08 07:29:15.069723	WordPress Nuss Theme <= 1.3.3 - Local File Inclusion Vulnerability HIGH (8.1) Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through <= 1.3.3. Published: 2025-08-20T08:03:36.141Z Updated: 2026-04-28T16:13:07.429Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/nuss/vulnerability/wordpress-nuss-theme-1-3-3-local-file-inclusion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-49893`	vulnerable	2026-06-08 07:29:15.063364	WordPress Nuss Theme <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Nuss nuss allows Reflected XSS.This issue affects Nuss: from n/a through <= 1.3.3. Published: 2025-08-20T08:03:36.738Z Updated: 2026-04-28T16:13:07.341Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/nuss/vulnerability/wordpress-nuss-theme-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.