Skip to main content

Regina Lite

3 CVEs product

Monthly

CVE-2020-36721 MEDIUM POC This Month

The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP WordPress Authentication Bypass Activello Bonkers +13
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2020-36708 CRITICAL POC THREAT Emergency

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 90.5%.

RCE Code Injection WordPress Activello Bonkers +14
NVD WPScan VulDB
CVSS 3.1
9.8
EPSS
90.5%
Threat
6.2
CVE-2023-27619 MEDIUM This Month

Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes Regina Lite theme <= 2.0.7 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Regina Lite
NVD
CVSS 3.1
5.4
EPSS
0.4%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP WordPress Authentication Bypass +15
NVD VulDB
EPSS 90% 6.2 CVSS 9.8
CRITICAL POC THREAT Emergency

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 90.5%.

RCE Code Injection WordPress +16
NVD WPScan VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes Regina Lite theme <= 2.0.7 versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Regina Lite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy