Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/08/22 7:36 a.m.7 views

CVE-2025-9202

The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcomenoticeimporthandler function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS6.8AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 6:39 a.m.11 views

CVE-2025-9202 ColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation

The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcomenoticeimporthandler function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS0.0022EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/20 6:39 a.m.4 views

CVE-2025-9202 ColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation

The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcomenoticeimporthandler function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above...

4.3CVSS6.7AI score0.0022EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.5 views

PT-2025-33905 · Themegrill +1 · Themegrill-Demo-Importer +1

Name of the Vulnerable Software and Affected Versions: ColorMag versions prior to 4.0.20 Description: The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the welcome notice import handler function. This allows authenticated...

4.3CVSS6.1AI score0.0022EPSS
Exploits0References7
CVE
CVE
added 2021/11/01 9:1 p.m.72 views

CVE-2021-39333

CVE-2021-39333 : The Hashthemes Demo Importer Plugin for WordPress (versions

8.1CVSS8.2AI score0.01016EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/01 12:0 a.m.5 views

PT-2021-22539 · Hasthemes · Hashthemes Demo Importer Plugin

Name of the Vulnerable Software and Affected Versions: Hashthemes Demo Importer Plugin versions 1.1.1 and earlier Description: The issue allows logged-in users to execute a function that truncates nearly all database tables and removes the contents of wp-content/uploads, due to several AJAX...

8.1CVSS8AI score0.01016EPSS
Exploits1References4
Rows per page
Query Builder