PT-2026-3983 · WordPress · Jthemes Xsmart
Published
2026-01-22
·
Updated
2026-01-25
·
CVE-2025-50007
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Jthemes xSmart versions through 1.2.9.4
Description
An incorrect privilege assignment exists in Jthemes xSmart, potentially allowing for privilege escalation.
Recommendations
Update Jthemes xSmart to a version newer than 1.2.9.4.
Fix
LPE
Incorrect Privilege Assignment
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jthemes Xsmart