Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Templately

Source -

CNA

CNA CVEs -

5

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2025-49408
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.9||MEDIUM
EPSS-0.04% / 9.67%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 08:03
Updated-20 Aug, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Templately Plugin <= 3.2.7 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data. This issue affects Templately: from n/a through 3.2.7.

Action-Not Available
Vendor-WPDeveloper
Product-Templately
CWE ID-CWE-201
Insertion of Sensitive Information Into Sent Data
CVE-2024-47308
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 47.24%
||
7 Day CHG~0.00%
Published-01 Nov, 2024 | 14:17
Updated-12 Nov, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Templately plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Templately allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Templately: from n/a through 3.1.2.

Action-Not Available
Vendor-Templately
Product-templatelyTemplatelytemplately
CWE ID-CWE-862
Missing Authorization
CVE-2024-50423
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.10% / 28.69%
||
7 Day CHG+0.02%
Published-29 Oct, 2024 | 21:26
Updated-01 Nov, 2024 | 12:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Templately plugin <= 3.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through 3.1.5.

Action-Not Available
Vendor-Templately
Product-Templately
CWE ID-CWE-862
Missing Authorization
CVE-2024-50424
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 29.48%
||
7 Day CHG+0.02%
Published-29 Oct, 2024 | 21:24
Updated-01 Nov, 2024 | 12:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Templately plugin <= 3.1.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from n/a through 3.1.5.

Action-Not Available
Vendor-Templately
Product-Templately
CWE ID-CWE-862
Missing Authorization
CVE-2023-5454
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.12%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 20:40
Updated-26 Feb, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization

The Templately WordPress plugin before 2.2.6 does not properly authorize the `saved-templates/delete` REST API call, allowing unauthenticated users to delete arbitrary posts.

Action-Not Available
Vendor-UnknownTemplately
Product-templatelyTemplately
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-284
Improper Access Control