Newscrunch Security Vulnerabilities and Issues — Newscrunch CVE List

Lucene search

SpicethemesNewscrunch

1 matches found

CVE•added 2025/03/04 5:15 a.m.•56 views

CVE-2025-1306

The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.4. This is due to missing or incorrect nonce validation on the newscrunch_install_and_activate_plugin() function. This makes it possible for unauthenticated attackers to upload a...

8.8CVSS8.4AI score0.00041EPSS