VYPR

Puzzles

by WordPress

CVEs (2)

  • CVE-2024-13770Feb 13, 2025
    risk 0.00cvss epss 0.01

    The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of untrusted input 'view_more_posts' AJAX action. This makes it possible for…

  • CVE-2024-13769Feb 12, 2025
    risk 0.00cvss epss 0.00

    The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the 'theme_options_ajax_post_action' AJAX action in all versions up to, and including, 4.2.4. This makes it…