WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution

WordPress themes including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina Lite = 2.0.4, Transcend = 1.1.8, Affluent = 1.1.0, Bonkers = 1.0.4, Antreas = 1.0.2, Sparkli...

EUVD-2026-20104

The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the DSGVOGWPdownloadGoogleFonts function in all versions up to, and including, 1.1. The function is exposed via a wpajaxnopriv hook, requiring no authentication. It...

CVE-2026-3535

The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the DSGVOGWPdownloadGoogleFonts function in all versions up to, and including, 1.1. The function is exposed via a wpajaxnopriv hook, requiring no authentication. It...

CVE-2026-3535

The CVE concerns the DSGVO Google Web Fonts GDPR WordPress plugin. All versions up to 1.1 are vulnerable due to missing file type validation in the DSGVOGWPdownloadGoogleFonts() function. The function, exposed via a wp_ajax_nopriv_ hook (no authentication), fetches a user-supplied URL as a CSS fi...

PT-2026-31095

Name of the Vulnerable Software and Affected Versions DSGVO Google Web Fonts GDPR plugin for WordPress versions up to and including 1.1 Description The DSGVO Google Web Fonts GDPR plugin for WordPress is susceptible to arbitrary file upload due to the absence of file type validation in the...

[SECURITY] Fedora 37 Update: python-geopandas-0.14.1-1.fc37

GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...

[SECURITY] Fedora 39 Update: python-geopandas-0.14.1-1.fc39

GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...

[SECURITY] Fedora 38 Update: python-geopandas-0.14.1-1.fc38

GeoPandas is a project to add support for geographic data to Pandas objects. The goal of GeoPandas is to make working with geospatial data in Python easie r. It combines the capabilities of Pandas and Shapely, providing geospatial operations in Pandas and a high-level interface to multiple...

Fedora: Security Advisory for python-geopandas (FEDORA-2023-8857bdcd95)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for python-geopandas (FEDORA-2023-c907492c3e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-36708

CVE-2020-36708 : The Nuclei template confirms a remote code execution flaw in WordPress themes using the Epsilon Framework (Shapely, NewsMag, Activello, Illdy, Allegiant, Newspaper X, Pixova Lite, Brilliance, MedZone Lite, Regina Lite, Transcend, Affluent, Bonkers, Antreas, Sparkling, NatureMag L...

VulnCheck KEV: CVE-2020-36708

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina...

WordPress Shapely theme <= 1.2.8 - Unauthenticated Function Injection vulnerability

Unauthenticated Function Injection vulnerability found by Jerome Bruandet NinTechNet in WordPress Shapely theme versions = 1.2.8. Solution Update the WordPress Shapely theme to the latest available version at least 1.2.9...