Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

RedhatCVE
RedhatCVEadded 2026/04/13 7:25 p.m.1 views

CVE-2026-39649

Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...

5.3CVSS5.8AI score0.0004EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/08 8:30 a.m.0 views

CVE-2026-39649 WordPress Royale News theme <= 2.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...

5.3CVSS5.8AI score0.0004EPSS
Exploits0References1
CVE
CVEadded 2026/04/08 8:30 a.m.7 views

CVE-2026-39649

The CVE-2026-39649 entry concerns the WordPress Royale News theme ( Royale News) version

5.3CVSS5.9AI score0.0004EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/08 8:30 a.m.18 views

CVE-2026-39649 WordPress Royale News theme <= 2.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...

5.3CVSS0.0004EPSS
Exploits0References1
CVE
CVEadded 2026/03/05 5:53 a.m.7 views

CVE-2026-27353

CVE-2026-27353 is a reflected XSS in the ThemeGoods Grand News grandnews WordPress theme, affecting Grand News: from n/a through

7.1CVSS5.9AI score0.00045EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/02/25 7:59 a.m.3 views

WordPress Grand News | Magazine Newspaper WordPress theme <= 3.4.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand News versions = 3.4.3...

7.1CVSS5.9AI score0.00045EPSS
Exploits0Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2011-3808

Malware in sbrugna...

4.3CVSS6.3AI score0.00217EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/23 5:3 a.m.5 views

CVE-2023-27421

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

7.1CVSS5.9AI score0.00105EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/05 1:31 a.m.4 views

CVE-2024-11936

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS7.1AI score0.00113EPSS
Exploits0References1
OSV
OSVadded 2025/01/26 12:15 p.m.2 views

CVE-2024-11936

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS5.9AI score
Exploits0References2
Cvelist
Cvelistadded 2025/01/26 11:9 a.m.12 views

CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS0.00113EPSS
Exploits0References2
CVE
CVEadded 2025/01/26 11:9 a.m.50 views

CVE-2024-11936

CVE-2024-11936 (Zox News, WordPress) : The Zox News theme (versions

8.8CVSS8.8AI score0.00113EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2025/01/26 11:9 a.m.6 views

CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS9.1AI score0.00113EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/01/26 12:0 a.m.3 views

PT-2025-1721 · WordPress · Zox News

Name of the Vulnerable Software and Affected Versions: Zox News theme for WordPress versions up to, and including, 3.16.0 Description: The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the...

8.8CVSS7.2AI score0.00113EPSS
Exploits0References10
Cvelist
Cvelistadded 2025/01/02 12:0 p.m.15 views

CVE-2024-37473 WordPress Trendy News theme <= 1.0.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in blazethemes Trendy News trendy-news allows Cross Site Request Forgery.This issue affects Trendy News: from n/a through = 1.0.15...

4.3CVSS0.00162EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/10/24 12:0 a.m.8 views

WordPress Meta News Theme <= 1.1.7 is vulnerable to Local File Inclusion

Software Meta News Type Theme Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50435 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID d90fa015825d Credits tahu.datar Required privilege Unauthenticated...

7.5CVSS6.8AI score0.02261EPSS
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2024/07/01 12:0 a.m.7 views

WordPress Trendy News Theme <= 1.0.15 is vulnerable to Cross Site Request Forgery (CSRF)

Software Trendy News Type Theme Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37473 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 275e88937c50 Credits Dhabaleshwar Das...

6.4AI score0.00162EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2023/08/08 11:15 a.m.0 views

CVE-2023-27421

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

6.1CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded 2023/08/08 10:30 a.m.15 views

CVE-2023-27421 WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

7.1CVSS6.3AI score0.00105EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/08/08 10:30 a.m.13 views

CVE-2023-27421 WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

7.1CVSS5.9AI score0.00105EPSS
Exploits0References1
Rows per page
Query Builder