Product
themify builder
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-67231
CVE-2025-67230
CVE-2025-67229
CVE-2024-56216
CVE-2024-52423
CVE-2024-9385
CVE-2024-7836
CVE-2024-3032
CVE-2024-24872
CVE-2008-4178
< 0.33.1
A reflected cross-site scripting (XSS) vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in th
< 0.33.0
Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context
< 0.32.1
An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated,
<= 7.6.3
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme
<= 7.6.3
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Builder th
< 7.6.3
The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without a
< 7.6.2
The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to missing checks on the duplicate_pag
< 7.5.8
Themify Builder WordPress plugin before 7.5.8 does not validate a parameter before redirecting the user to its value, leading to a
< 7.0.6
Cross-Site Request Forgery (CSRF) vulnerability in Themify Builder.This issue affects Themify Builder: from n/a through 7.
all versions
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Go