Filtered by vendor Jnews
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67538 | 2 Jnews, Wordpress | 2 Jnews, Wordpress | 2025-12-10 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews Gallery jnews-gallery allows Stored XSS.This issue affects JNews Gallery: from n/a through < 12.0.1. | ||||
| CVE-2025-67591 | 2 Jnews, Wordpress | 2 Jnews, Wordpress | 2025-12-10 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.This issue affects JNews Paywall: from n/a through < 12.0.1. | ||||
| CVE-2021-24342 | 1 Jnews | 1 Jnews | 2024-11-21 | 6.1 Medium |
| The JNews WordPress theme before 8.0.6 did not sanitise the cat_id parameter in the POST request /?ajax-request=jnews (with action=jnews_build_mega_category_*), leading to a Reflected Cross-Site Scripting (XSS) issue. | ||||
Page 1 of 1.