| CVE-2025-52810 | WordPress Katerio - Magazine theme <= 1.5.1 - Local File Inclusion Vulnerability | TMRW-studio | Katerio - Magazine | High | 8.1 | 2025-06-27 11:52:21 | Deep Dive |
| CVE-2025-52811 | WordPress Davenport - Versatile Blog and Magazine WordPress Theme <= 1.3 - Local File Inclusion Vulnerability | Creanncy | Davenport - Versatile Blog and Magazine WordPress Theme | High | 8.1 | 2025-06-27 11:52:20 | Deep Dive |
| CVE-2025-5234 | Gutenverse News <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via elementId Parameter | jegstudio | Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons | Medium | 6.4 | 2025-06-19 09:23:48 | Deep Dive |
| CVE-2025-47576 | WordPress Bimber - Viral Magazine WordPress Theme theme <= 9.2.5 - Local File Inclusion vulnerability | Bringthepixel | Bimber - Viral Magazine WordPress Theme | High | 8.8 | 2025-05-19 16:23:39 | Deep Dive |
| CVE-2025-32191 | WordPress News Element Elementor Blog Magazine plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability | webangon | News Element Elementor Blog Magazine | Medium | 6.5 | 2025-04-04 15:59:05 | Deep Dive |
| CVE-2025-31740 | WordPress News, Magazine and Blog Elements Plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability | aThemeArt | News, Magazine and Blog Elements | Medium | 6.5 | 2025-04-01 14:51:06 | Deep Dive |
| CVE-2025-31741 | WordPress Easy Magazine plugin <= 2.1.13 - Cross Site Scripting (XSS) vulnerability | Filtr8 | Easy Magazine | Medium | 6.5 | 2025-04-01 14:51:06 | Deep Dive |
| CVE-2024-8682 | JNews - WordPress Newspaper Magazine Blog AMP Theme <= 11.6.6 - Unauthorized User Registration | https://themeforest.net/item/jnews-one-stop-solution-for-web-publishing/20566392 | JNews - WordPress Newspaper Magazine Blog AMP Theme | Medium | 5.3 | 2025-03-05 08:21:55 | Deep Dive |
| CVE-2024-13770 | Puzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Unauthenticated PHP Object Injection | ThemeREX | Puzzles | WP Magazine / Review with Store WordPress Theme + RTL | High | 8.1 | 2025-02-13 04:21:47 | Deep Dive |
| CVE-2025-0837 | Puzzles <= 4.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | ThemeREX | Puzzles | WP Magazine / Review with Store WordPress Theme + RTL | Medium | 6.4 | 2025-02-13 04:21:46 | Deep Dive |
| CVE-2024-13656 | Click Mag - Viral WordPress News Magazine/Blog Theme <= 3.6.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Deletion | MVPThemes | Click Mag - Viral WordPress News Magazine/Blog Theme | High | 8.1 | 2025-02-12 04:22:17 | Deep Dive |
| CVE-2024-13769 | Puzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | ThemeREX | Puzzles | WP Magazine / Review with Store WordPress Theme + RTL | Medium | 6.4 | 2025-02-12 04:22:14 | Deep Dive |
| CVE-2024-13643 | Zox News <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification | MVPThemes | Zox News - Professional WordPress News & Magazine Theme | High | 8.8 | 2025-02-11 07:30:22 | Deep Dive |
| CVE-2024-56258 | WordPress Magazine Blocks plugin <= 1.3.20 - Cross Site Scripting (XSS) vulnerability | BlockArt | Magazine Blocks | Medium | 6.5 | 2025-01-02 12:01:27 | Deep Dive |
| CVE-2024-10663 | Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission | smarettheme | Eleblog – Elementor Blog And Magazine Addons | Medium | 4.3 | 2024-12-04 02:40:28 | Deep Dive |
| CVE-2024-50429 | WordPress Magazine Blocks plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability | BlockArt | Magazine Blocks | Medium | 6.5 | 2024-10-28 18:23:41 | Deep Dive |
| CVE-2024-9218 | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid <= 1.3.14 - Reflected Cross-Site Scripting | wpblockart | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid | Medium | 6.1 | 2024-10-02 08:31:51 | Deep Dive |
| CVE-2024-6459 | News Element Elementor Blog Magazine < 1.0.6 - Unauthenticated LFI | Unknown | News Element Elementor Blog Magazine | - | - | 2024-08-17 06:00:03 | Deep Dive |
| CVE-2024-5574 | WP Magazine Modules Lite <= 1.1.2 - Authenticated (Contributor+) Local File Inclusion | codevibrant | WP Magazine Modules Lite | High | 7.5 | 2024-06-19 05:37:43 | Deep Dive |
| CVE-2024-4615 | Elespare – Blog, Magazine and Newspaper Addons for Elementor with Templates, Widgets, Kits, and Header/Footer Builder. One Click Import: No Coding Required! <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Horizontal Nav Menu Widget | elespare | EleSpare – News, Magazine and Blog Addons for Elementor | Medium | 6.4 | 2024-06-13 07:31:53 | Deep Dive |