Lucene search
K

14 matches found

NVD
NVD
added 2025/02/11 8:15 a.m.8 views

CVE-2024-13643

The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks on the backupoptions and resetoptions functions i...

8.8CVSS0.00592EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/11 7:30 a.m.11 views

CVE-2024-13643 Zox News <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification

The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks on the backupoptions and resetoptions functions i...

8.8CVSS0.00592EPSS
Exploits0References3
CVE
CVE
added 2025/02/11 7:30 a.m.43 views

CVE-2024-13643

CVE-2024-13643 relates to the Zox News – Pro WordPress Theme plugin (WordPress) with versions up to 3.17.0. The root cause, per Wordfence and related sources, is missing authorization checks in backup_options() and reset_options(), allowing authenticated users with Subscriber-level access and abo...

8.8CVSS8.8AI score0.00592EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.3 views

WordPress plugin Zox News 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

8.8CVSS8.1AI score0.00592EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.4 views

PT-2025-6170 · WordPress · Zox News - Professional Wordpress News & Magazine Theme

Name of the Vulnerable Software and Affected Versions: Zox News - Professional WordPress News & Magazine Theme plugin for WordPress versions up to and including 3.17.0 Description: The vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks...

8.8CVSS9.5AI score0.00592EPSS
Exploits0References10
Patchstack
Patchstack
added 2025/02/10 10:37 p.m.5 views

WordPress Zox News plugin <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Modification vulnerability discovered by Lucio Sá in WordPress Theme Zox News versions = 3.17.0...

8.8CVSS7AI score0.00592EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 1:31 a.m.7 views

CVE-2024-11936

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS7.1AI score0.0036EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/27 11:5 p.m.5 views

WordPress Zox News plugin <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by Tonn in WordPress Theme Zox News versions = 3.16.0...

8.8CVSS7AI score0.0036EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/01/26 12:15 p.m.4 views

CVE-2024-11936

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS5.9AI score0.0036EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/26 11:9 a.m.7 views

CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS9.1AI score0.0036EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/26 11:9 a.m.16 views

CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS0.0036EPSS
Exploits0References2
CVE
CVE
added 2025/01/26 11:9 a.m.58 views

CVE-2024-11936

CVE-2024-11936 (Zox News, WordPress) : The Zox News theme (versions

8.8CVSS8.8AI score0.0036EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/01/26 12:0 a.m.7 views

WordPress plugin Zox News 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

8.8CVSS8.3AI score0.0036EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/26 12:0 a.m.6 views

PT-2025-1721 · WordPress · Zox News

Name of the Vulnerable Software and Affected Versions: Zox News theme for WordPress versions up to, and including, 3.16.0 Description: The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the...

8.8CVSS7.2AI score0.0036EPSS
Exploits0References10
Rows per page
Query Builder