Vulnerabilities and security researches foreverest-news everest-news

Jun 10, 2024

CVE, Research URL: CVE-2023-28687
Home page URL: Security reports for Everest News
Application: Everest News
Date: Mar 27, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-27421
Home page URL: Security reports for Everest News
Application: Everest News
Date: Aug 08, 2023
Research Description: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest themes Everest News theme <= 1.1.0 versions.
Affected versions: Min -, max -.
Status: vulnerable