4 matches found
CVE-2025-1307
The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunchinstallandactivateplugin function in all versions up to, and including, 1.8.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above...
Exploit for Missing Authorization in Spicethemes Newscrunch
Newscrunch Exploit CVE-2025-1307 🚨 Overview This exploit...
CVE-2025-1307
creationtimestamp| type| source ---|---|--- 2025-03-04 05:30:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6343 2025-03-04 06:01:30+00:00| published-proof-of-concept| Telegram/macVH0v7i2nzlHDG3843dn9M-u-r9AI0mgz7c0Lv52YB4Bs 2025-03-04 07:04:08+00:00| seen|...
CVE-2025-1307
The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunchinstallandactivateplugin function in all versions up to, and including, 1.8.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above...