All 2 CVE vulnerabilities found in Newscrunch, with AI-generated Chinese analysis, references, and POCs.
Vendor: spicethemes
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1307 | Newscrunch <= 1.8.4 - Authenticated (Subscriber+) Arbitrary File Upload CWE-862 | 9.8 | Critical | 2025-03-04 |
| CVE-2025-1306 | Newscrunch <= 1.8.4 - Cross-Site Request Forgery to Arbitrary File Upload CWE-352 | 8.8 | High | 2025-03-04 |
All 2 known CVE vulnerabilities affecting Newscrunch with full Chinese analysis, references, and POCs where available.