Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.1 views

CVE-2025-68905 WordPress JNews - Pay Writer plugin <= 11.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jegtheme JNews - Pay Writer jnews-pay-writer allows PHP Local File Inclusion.This issue affects JNews - Pay Writer: from n/a through = 11.0.0...

7.5CVSS5.9AI score0.00397EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.7 views

CVE-2025-68906

CVE-2025-68906 – JNews - Video (Jegtheme JNews - Video) Reflected XSS . The flaw is an improper neutralization of input during web page generation, enabling Reflected Cross-Site Scripting for the plugin up to version 11.0.2. Affected software: jegtheme JNews - Video; affected range: from n/a thro...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.17 views

CVE-2025-68904 WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through = 11.0.0...

7.1CVSS0.00186EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/13 8:3 a.m.6 views

WordPress JNews - Video plugin <= 11.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress JNews - Video plugin = 11.0.2 - Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Video versions = 11.0.2...

7.1CVSS6.1AI score0.00175EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/12 1:15 p.m.5 views

WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress JNews - Frontend Submit plugin = 11.0.0 - Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Frontend Submit versions = 11.0.0...

7.1CVSS6.1AI score0.00186EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/06 4:24 p.m.5 views

WordPress JNews Paywall plugin < 12.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin JNews Paywall versions 12.0.1...

4.3CVSS7AI score0.00102EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/22 12:0 a.m.9 views

WordPress JNews Theme <= 11.6.5 is vulnerable to Broken Access Control

Software JNews Type Theme Vulnerable versions = 11.6.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-39373 Patch priority Low CVSS severity Low 5.3 Developer EPC PSID 775c2569b9cb Credits Ananda Dhakal Patchstack Required privilege...

5.3CVSS6.6AI score0.00224EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder