Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

blazethemes — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting blazethemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by blazethemes:News Kit Elementor AddonsNewsmaticBlaze Demo ImporterDigital NewspaperNews Kit Addons For ElementorTrendy NewsPubnewsBlogmaticNews EventBlogisticBlogzee
CVE IDTitleCVSSSeverityPublished
CVE-2026-25416 WordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerability — News Kit Elementor AddonsCWE-862 9.1AICriticalAI2026-02-19
CVE-2025-68910 WordPress Blogzee theme <= 1.0.5 - Arbitrary File Upload vulnerability — BlogzeeCWE-434 8.8AIHighAI2026-01-22
CVE-2025-68909 WordPress Blogistic theme <= 1.0.5 - Arbitrary File Upload vulnerability — BlogisticCWE-434 8.8AIHighAI2026-01-22
CVE-2025-62056 WordPress News Event theme <= 1.0.1 - Arbitrary File Upload vulnerability — News EventCWE-434 9.8AICriticalAI2026-01-22
CVE-2025-62050 WordPress Blogmatic theme <= 1.0.3 - Arbitrary File Upload vulnerability — BlogmaticCWE-434 9.8AICriticalAI2026-01-22
CVE-2025-13334 Blaze Demo Importer 1.0.0 - 1.0.13 - Missing Authorization to Authenticated (Subscriber+) Database Reset and File Deletion — Blaze Demo ImporterCWE-862 8.1 High2025-12-12
CVE-2025-8446 Blaze Demo Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install — Blaze Demo ImporterCWE-862 4.3 Medium2025-09-16
CVE-2025-54037 WordPress News Kit Elementor Addons plugin <= 1.3.4 - Broken Access Control Vulnerability — News Kit Elementor AddonsCWE-862 5.4 Medium2025-07-16
CVE-2025-32196 WordPress News Kit Elementor Addons plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability — News Kit Elementor AddonsCWE-79 6.5 Medium2025-04-04
CVE-2024-37473 WordPress Trendy News theme <= 1.0.15 - Cross Site Request Forgery (CSRF) vulnerability — Trendy NewsCWE-352 4.3 Medium2025-01-02
CVE-2024-54260 WordPress News Kit Elementor Addons plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability — News Kit Elementor AddonsCWE-79 6.5 Medium2024-12-09
CVE-2024-10578 Pubnews <= 1.0.7 - Authenticated (Subscriber+) Arbitrary Plugin Installation — PubnewsCWE-434 8.8 High2024-12-06
CVE-2024-37468 WordPress Newsmatic theme <= 1.3.1 - Broken Access Control vulnerability — NewsmaticCWE-862 5.3 Medium2024-11-01
CVE-2024-9541 News Kit Elementor Addons <= 1.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Canvas Menu Elementor Template — News Kit Addons For ElementorCWE-200 4.3 Medium2024-10-22
CVE-2024-37198 WordPress Digital Newspaper theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability — Digital NewspaperCWE-352 4.3 Medium2024-06-21
CVE-2024-1587 Newsmatic <= 1.3.4 - Unauthenticated Information Exposure via newsmatic_filter_posts_load_tab_content — NewsmaticCWE-862 5.3 Medium2024-04-09

This page lists every published CVE security advisory associated with blazethemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.