cleantalk
Vulnerabilities and Security Researches

Everest News, CVE-2023-28687

CVE, Research URL

CVE-2023-28687

Home page URL

Security reports for Everest News

Application

Everest News

Published on
Mar 27, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4.
Affected versions
Min -, max 1.1.0.
Status
vulnerable
Previous vulnerability researches
Everest News (CVE-2023-28687) , Jun 10, 2024
Everest News (CVE-2023-27421) , Jun 10, 2024
New vulnerability
Tiktok Feed &#8211; Best TikTok feed plugin for WordPress (CVE-2025-54710) , Aug 29, 2025
GiveWP &#8211; Donation Plugin and Fundraising Platform (CVE-2025-7221) , Aug 29, 2025
Add Code To Head (CVE-2025-48314) , Aug 29, 2025
130+ Widgets | Best Addons For Elementor &#8211; FREE (CVE-2025-58195) , Aug 29, 2025
WP Bulk Delete (CVE-2025-58192) , Aug 29, 2025