16 matches found
CVE-2026-24615
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24615
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24615 WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24615 WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24615
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through = 2.1.10...
CVE-2026-24615
CVE-2026-24615 affects Cream Magazine (WordPress theme) up to version 2.1.10. Public docs describe a Missing Authorization vulnerability in cream-magazine that allows exploitation of improperly configured access controls. The Red Hat/RedHat-CVE and CVE databases confirm the issue and indicate the...
WordPress plugin Cream Magazine has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
PT-2026-4447
Name of the Vulnerable Software and Affected Versions Cream Magazine versions through 2.1.10 Description An issue exists in Cream Magazine that relates to incorrectly configured access control security levels, potentially allowing unauthorized access. Recommendations Update Cream Magazine to a...
WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by John P in WordPress Theme Cream Magazine versions = 2.1.10...
EUVD-2023-32330
Malicious code in bioql PyPI...
CVE-2023-28687
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687 Reflected Cross-Site Scripting (XSS) vulnerability in multiple WordPress themes
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
CVE-2023-28687
CVE-2023-28687 is a Reflected XSS vulnerability affecting multiple WordPress themes: Glaze Blog Lite (<= 1.1.4), Fascinate (<= 1.0.8), Cream Blog (<= 2.1.3), and Cream Magazine (= 1.1.5, Fascinate >= 1.0.9, Cream Blog >= 2.1.4, and Cream Magazine >= 2.1.5. Patch priority ranges ...
CVE-2023-28687 Reflected Cross-Site Scripting (XSS) vulnerability in multiple WordPress themes
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through = 1.1.4; Fascinate: fr...
WordPress Cream Magazine Theme <= 2.1.4 is vulnerable to Cross Site Scripting (XSS)
Software Cream Magazine Type Theme Vulnerable versions = 2.1.4 Fixed in 2.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28687 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7a491754a1a0 Credits László Radnai...