Brilliance
by WordPress
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-36721 | Med | 0.42 | 6.5 | 0.01 | Jun 7, 2023 | The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activello_activate_plugin' and 'activello_deactivate_plugin' functions in the 'inc/welcome-screen/class-activello-welco… | ||
| CVE-2023-28171 | Med | 0.35 | 5.4 | 0.00 | Jun 22, 2023 | Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Chill Brilliance theme <= 1.3.1 versions. |
- risk 0.42cvss 6.5epss 0.01
The Brilliance <= 1.2.7, Activello <= 1.4.0, and Newspaper X <= 1.3.1 themes for WordPress are vulnerable to Plugin Activation/Deactivation. This is due to the 'activello_activate_plugin' and 'activello_deactivate_plugin' functions in the 'inc/welcome-screen/class-activello-welco…
- risk 0.35cvss 5.4epss 0.00
Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Chill Brilliance theme <= 1.3.1 versions.