8 matches found
CVE-2020-36721
The Brilliance = 1.2.7, Activello = 1.4.0, and Newspaper X = 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activelloactivateplugin' and 'activellodeactivateplugin' functions in the 'inc/welcome-screen/class-activello-welcome.php' file missing...
CVE-2020-36721
The Brilliance = 1.2.7, Activello = 1.4.0, and Newspaper X = 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activelloactivateplugin' and 'activellodeactivateplugin' functions in the 'inc/welcome-screen/class-activello-welcome.php' file missing...
CVE-2020-36708
CVE-2020-36708 : The Nuclei template confirms a remote code execution flaw in WordPress themes using the Epsilon Framework (Shapely, NewsMag, Activello, Illdy, Allegiant, Newspaper X, Pixova Lite, Brilliance, MedZone Lite, Regina Lite, Transcend, Affluent, Bonkers, Antreas, Sparkling, NatureMag L...
WordPress Newspaper X Theme <= 1.3.1 is vulnerable to Broken Access Control
Software Newspaper X Type Theme Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2020-36721 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 364d88cff362 Credits Jerome Bruandet - NinTechNet...
WordPress Plugin Brilliance 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
VulnCheck KEV: CVE-2020-36708
The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina...
PT-2023-11863 · Activello +1 · Activello +2
Name of the Vulnerable Software and Affected Versions: The Brilliance versions prior to 1.2.8 Activello versions prior to 1.4.1 Newspaper X versions prior to 1.3.2 Description: The issue is related to the lack of capability and security checks/nonces in the activello activate plugin and activello...
WordPress Newspaper X theme <= 1.3.1 - Unauthenticated Function Injection vulnerability
Unauthenticated Function Injection vulnerability found by Jerome Bruandet NinTechNet in WordPress Newspaper X theme versions = 1.3.1. Solution Update the WordPress Newspaper X theme to the latest available version at least 1.3.2...