CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Brilliance = 1.2.7, Activello = 1.4.0, and Newspaper X = 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activelloactivateplugin' and 'activellodeactivateplugin' functions in the 'inc/welcome-screen/class-activello-welcome.php' file missing...

6.5CVSS7AI score0.00178EPSS

Exploits1References1

OSV•added 2023/06/07 2:15 a.m.•1 views

CVE-2020-36721

6.5CVSS5.9AI score0.00178EPSS

Exploits1References5

CVE•added 2023/06/07 1:51 a.m.•57 views

CVE-2020-36708

CVE-2020-36708 : The Nuclei template confirms a remote code execution flaw in WordPress themes using the Epsilon Framework (Shapely, NewsMag, Activello, Illdy, Allegiant, Newspaper X, Pixova Lite, Brilliance, MedZone Lite, Regina Lite, Transcend, Affluent, Bonkers, Antreas, Sparkling, NatureMag L...

9.8CVSS9.7AI score0.90049EPSS

Exploits1References5Affected Software16

CNNVD•added 2023/06/07 12:0 a.m.•1 views

WordPress Plugin Brilliance 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.5AI score0.00178EPSS

Exploits1References6

VulnCheck KEV•added 2023/06/07 12:0 a.m.•3 views

VulnCheck KEV: CVE-2020-36708

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina...

9.8CVSS7.2AI score0.90049EPSS

Exploits1References1

Positive Technologies•added 2023/06/07 12:0 a.m.•2 views

PT-2023-11863 · Activello +1 · Activello +2

Name of the Vulnerable Software and Affected Versions: The Brilliance versions prior to 1.2.8 Activello versions prior to 1.4.1 Newspaper X versions prior to 1.3.2 Description: The issue is related to the lack of capability and security checks/nonces in the activello activate plugin and activello...

6.5CVSS6.4AI score0.00178EPSS

Exploits1References7

Patchstack•added 2023/06/07 12:0 a.m.•11 views

WordPress Activello Theme <= 1.4.0 is vulnerable to Broken Access Control

Software Activello Type Theme Vulnerable versions = 1.4.0 Fixed in 1.4.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2020-36721 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 121a85ec7375 Credits Jerome Bruandet - NinTechNet...

6.5CVSS6.4AI score0.00178EPSS

Exploits1References3Affected Software1

OSV•added 2023/04/16 9:15 a.m.•0 views

CVE-2022-45849

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

5.4CVSS5.8AI score

Exploits0References1

NVD•added 2023/04/16 9:15 a.m.•14 views

CVE-2022-45849

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

5.4CVSS5.3AI score0.00261EPSS

Exploits1References1

Prion•added 2023/04/16 9:15 a.m.•29 views

Cross site scripting

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

4.9CVSS5.3AI score0.00261EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/04/16 8:42 a.m.•13 views

CVE-2022-45849 WordPress Activello Theme <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

5.4CVSS5.5AI score0.00261EPSS

Exploits1References1

Vulnrichment•added 2023/04/16 8:42 a.m.•10 views

CVE-2022-45849 WordPress Activello Theme <= 1.4.4 is vulnerable to Cross Site Scripting (XSS)

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

5.4CVSS6AI score0.00261EPSS

Exploits1References1

CVE•added 2023/04/16 8:42 a.m.•69 views

CVE-2022-45849

CVE-2022-45849 affects the WordPress Activello theme (versions

5.4CVSS5.3AI score0.00261EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/04/16 12:0 a.m.•0 views

WordPress plugin Activello 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS5.4AI score0.00261EPSS

Exploits1References2

OSV•added 2023/04/13 12:15 p.m.•1 views

CVE-2022-45358

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

5.4CVSS5.8AI score0.00181EPSS

Exploits0References1

NVD•added 2023/04/13 12:15 p.m.•10 views

CVE-2022-45358

Auth. subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Silkalns Activello theme = 1.4.4 versions...

5.4CVSS5.3AI score0.00181EPSS

Exploits0References1