Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:38 p.m.10 views

CVE-2020-36721

The Brilliance = 1.2.7, Activello = 1.4.0, and Newspaper X = 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activelloactivateplugin' and 'activellodeactivateplugin' functions in the 'inc/welcome-screen/class-activello-welcome.php' file missing...

6.5CVSS7AI score0.00979EPSS
Exploits1References1
OSV
OSV
added 2023/06/07 2:15 a.m.3 views

CVE-2020-36721

The Brilliance = 1.2.7, Activello = 1.4.0, and Newspaper X = 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activelloactivateplugin' and 'activellodeactivateplugin' functions in the 'inc/welcome-screen/class-activello-welcome.php' file missing...

6.5CVSS5.9AI score0.00979EPSS
Exploits1References5
CVE
CVE
added 2023/06/07 1:51 a.m.65 views

CVE-2020-36708

CVE-2020-36708 : The Nuclei template confirms a remote code execution flaw in WordPress themes using the Epsilon Framework (Shapely, NewsMag, Activello, Illdy, Allegiant, Newspaper X, Pixova Lite, Brilliance, MedZone Lite, Regina Lite, Transcend, Affluent, Bonkers, Antreas, Sparkling, NatureMag L...

9.8CVSS9.7AI score0.65342EPSS
Exploits1References5Affected Software16
Patchstack
Patchstack
added 2023/06/07 12:0 a.m.12 views

WordPress Newspaper X Theme <= 1.3.1 is vulnerable to Broken Access Control

Software Newspaper X Type Theme Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2020-36721 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 364d88cff362 Credits Jerome Bruandet - NinTechNet...

6.5CVSS6.4AI score0.00979EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.5 views

WordPress Plugin Brilliance 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.5AI score0.00979EPSS
Exploits1References6
VulnCheck KEV
VulnCheck KEV
added 2023/06/07 12:0 a.m.5 views

VulnCheck KEV: CVE-2020-36708

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina...

9.8CVSS7.2AI score0.65342EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.4 views

PT-2023-11863 · Activello +1 · Activello +2

Name of the Vulnerable Software and Affected Versions: The Brilliance versions prior to 1.2.8 Activello versions prior to 1.4.1 Newspaper X versions prior to 1.3.2 Description: The issue is related to the lack of capability and security checks/nonces in the activello activate plugin and activello...

6.5CVSS6.4AI score0.00979EPSS
Exploits1References7
Patchstack
Patchstack
added 2020/10/01 12:0 a.m.14 views

WordPress Newspaper X theme <= 1.3.1 - Unauthenticated Function Injection vulnerability

Unauthenticated Function Injection vulnerability found by Jerome Bruandet NinTechNet in WordPress Newspaper X theme versions = 1.3.1. Solution Update the WordPress Newspaper X theme to the latest available version at least 1.3.2...

3.1AI score
Exploits0References2Affected Software1
Rows per page
Query Builder