Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.4 views

CVE-2026-39649

Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39649 WordPress Royale News theme <= 2.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.20 views

CVE-2026-39649 WordPress Royale News theme <= 2.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Royale News royale-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royale News: from n/a through = 2.2.4...

5.3CVSS0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.10 views

CVE-2026-39649

The CVE-2026-39649 entry concerns the WordPress Royale News theme ( Royale News) version

5.3CVSS5.9AI score0.00214EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:53 a.m.8 views

CVE-2026-27353

CVE-2026-27353 is a reflected XSS in the ThemeGoods Grand News grandnews WordPress theme, affecting Grand News: from n/a through

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/25 7:59 a.m.8 views

WordPress Grand News | Magazine Newspaper WordPress theme <= 3.4.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Grand News versions = 3.4.3...

7.1CVSS5.9AI score0.0018EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2011-3808

Malware in sbrugna...

4.3CVSS6.3AI score0.01521EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:3 a.m.13 views

CVE-2023-27421

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:31 a.m.7 views

CVE-2024-11936

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS7.1AI score0.0036EPSS
Exploits0References1
OSV
OSV
added 2025/01/26 12:15 p.m.4 views

CVE-2024-11936

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS5.9AI score0.0036EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/26 11:9 a.m.7 views

CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS9.1AI score0.0036EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/26 11:9 a.m.16 views

CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...

8.8CVSS0.0036EPSS
Exploits0References2
CVE
CVE
added 2025/01/26 11:9 a.m.57 views

CVE-2024-11936

CVE-2024-11936 (Zox News, WordPress) : The Zox News theme (versions

8.8CVSS8.8AI score0.0036EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/26 12:0 a.m.6 views

PT-2025-1721 · WordPress · Zox News

Name of the Vulnerable Software and Affected Versions: Zox News theme for WordPress versions up to, and including, 3.16.0 Description: The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the...

8.8CVSS7.2AI score0.0036EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/01/02 12:0 p.m.17 views

CVE-2024-37473 WordPress Trendy News theme <= 1.0.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in blazethemes Trendy News trendy-news allows Cross Site Request Forgery.This issue affects Trendy News: from n/a through = 1.0.15...

4.3CVSS0.00191EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.10 views

WordPress Meta News Theme <= 1.1.7 is vulnerable to Local File Inclusion

Software Meta News Type Theme Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50435 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID d90fa015825d Credits tahu.datar Required privilege Unauthenticated...

7.5CVSS6.8AI score0.00456EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/07/01 12:0 a.m.8 views

WordPress Trendy News Theme <= 1.0.15 is vulnerable to Cross Site Request Forgery (CSRF)

Software Trendy News Type Theme Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37473 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 275e88937c50 Credits Dhabaleshwar Das...

6.4AI score0.00191EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/08/08 11:15 a.m.3 views

CVE-2023-27421

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

6.1CVSS5.8AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/08 10:30 a.m.33 views

CVE-2023-27421 WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

7.1CVSS6.3AI score0.00351EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/08 10:30 a.m.14 views

CVE-2023-27421 WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Everest themes Everest News theme = 1.1.0 versions...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References1
Rows per page
Query Builder