17 matches found
CVE-2026-39648
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...
EUVD-2026-20311
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...
CVE-2026-39648
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...
CVE-2026-39648 WordPress Cream Blog theme <= 2.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...
CVE-2026-39648 WordPress Cream Blog theme <= 2.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...
CVE-2026-39648
Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Blog: from n/a through = 2.1.7...
CVE-2026-39648
CVE-2026-39648 affects the WordPress Cream Blog theme (Cream Blog) up to version 2.1.7. The issue is a Missing/Incorrectly Configured Access Control vulnerability (Missing Authorization) that allows bypassing normal authorization checks. Documents consistently describe a broken access control vul...
PT-2026-31212
CVE-2026-39648 Missing Authorization vulnerability in themebeez Cream Blog cream-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crea… https://t.co/HuXpJ3TJJC...
WordPress plugin Cream Blog 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
EUVD-2023-32330
Malicious code in bioql PyPI...
CVE-2023-28687
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687 Reflected Cross-Site Scripting (XSS) vulnerability in multiple WordPress themes
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687 Reflected Cross-Site Scripting (XSS) vulnerability in multiple WordPress themes
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687
CVE-2023-28687 is a Reflected XSS vulnerability affecting multiple WordPress themes: Glaze Blog Lite (<= 1.1.4), Fascinate (<= 1.0.8), Cream Blog (<= 2.1.3), and Cream Magazine (= 1.1.5, Fascinate >= 1.0.9, Cream Blog >= 2.1.4, and Cream Magazine >= 2.1.5. Patch priority ranges ...
WordPress Plugin Cream Blog 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Cream Blog Theme <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)
Software Cream Blog Type Theme Vulnerable versions = 2.1.3 Fixed in 2.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28687 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 08758c27269b Credits László Radnai Required...