EUVD-2024-51707

Malicious code in bioql PyPI...

EUVD-2024-51706

Malicious code in bioql PyPI...

CVE-2024-13654

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'resetoptions' function in all versions up to, and including, 2.12.0. This makes it possible for...

CVE-2024-13653

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' functions in all versions up to, and including, 2.12.0. Thi...

CVE-2024-13654

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'resetoptions' function in all versions up to, and including, 2.12.0. This makes it possible for...

CVE-2024-13654

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'resetoptions' function in all versions up to, and including, 2.12.0. This makes it possible for...

CVE-2024-13653

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' function in all versions up to, and including, 2.12.0. This makes it possible fo...

CVE-2024-13654

CVE-2024-13654 concerns the WordPress theme ZoxPress (

CVE-2024-13654 ZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Deletion

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'resetoptions' function in all versions up to, and including, 2.12.0. This makes it possible for...

CVE-2024-13653

CVE-2024-13653 affects ZoxPress (WordPress Theme) versions up to 2.12.0. A missing capability check in the backup_options function allows authenticated attackers with Subscriber-level access or higher to modify arbitrary options, enabling potential privilege escalation (e.g., changing the default...

CVE-2024-13653 ZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' functions in all versions up to, and including, 2.12.0. Thi...

CVE-2024-13653 ZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' function in all versions up to, and including, 2.12.0. This makes it possible fo...

WordPress plugin ZoxPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin ZoxPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-6436 · Zoxpress +1 · Zoxpress +1

Name of the Vulnerable Software and Affected Versions: The ZoxPress - The All-In-One WordPress News Theme versions up to, and including, 2.12.0 Description: The issue allows unauthorized modification of data, leading to privilege escalation due to a missing capability check on the backup options...

WordPress ZoxPress theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Deletion vulnerability discovered by Lucio Sá in WordPress Theme ZoxPress versions = 2.12.0...

WordPress ZoxPress theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by Lucio Sá in WordPress Theme ZoxPress versions = 2.12.0...