SecAlerts
CVE ListPricingSign Up
Envato logo

Envato

Security Risk Profile

43
/100
medium

Security Risk Score

Comprehensive risk assessment based on 7 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from September 30, 2013 to present

7
Total CVEs
2
Critical+High
0
Exploited
1
Unpatched

Threat Assessment

Avg CVSS
6.2
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
1
Critical/High
Risk Level
43/100
medium

Severity Distribution

Critical
0
High
2
Medium
5
Low
0

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
0

Age Distribution

Common Weaknesses (CWE)

1
Malicious File Upload
2
2
Code Injection
1
3
SSRF
1
4
XSS
1

Most Affected Products

1. Envato Complete Gallery Manager Plugin24
2. Envato Smart Framework3
3. G5plus April Wordpress3
4. G5plus Auteur Wordpress3
5. G5plus Benaa Wordpress3

Recent Vulnerabilities

See more →
CVE-2024-13418
CVSS 8.8high

Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload

5/2/2025🔧 No Patch
CVE-2024-13420
CVSS 4.3medium

Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Settings Updates

5/2/2025🔧 No Patch
CVE-2024-13419
CVSS 6.4medium

Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

5/2/2025🔧 No Patch
CVE-2024-56275
CVSS 4.1medium

WordPress Envato Elements plugin <= 2.0.14 - Server Side Request Forgery (SSRF) vulnerability

1/7/2025
CVE-2024-37550
CVSS 5.9medium

WordPress Template Kit – Export plugin <= 1.0.22 - Cross Site Scripting (XSS) vulnerability

7/21/2024🔧 No Patch
CVE-2021-4330
CVSS 8.8high

Envato Elements <= 2.0.10 & Template Kit <= 1.0.13 - Authenticated (Contributor+) Arbitrary File Upload

3/7/2023
CVE-2013-5962
CVSS 5.1medium
9/30/2013🔧 No Patch

Monitor Envato in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.

Envato Security Vulnerabilities & Risk Score | 7 CVEs | SecAlerts - SecAlerts