VYPR

Zox News

by WordPress

CVEs (2)

  • CVE-2024-13643HigFeb 11, 2025
    risk 0.57cvss 8.8epss 0.01

    The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks on the backup_options() and…

  • CVE-2024-11936HigJan 26, 2025
    risk 0.57cvss 8.8epss 0.00

    The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backup_options' and 'restore_options' function in all versions up to, and including, 3.16.0. This makes it possible…