Typecho Fans
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7025 | Hig | 0.47 | 7.3 | 0.00 | Apr 26, 2026 | A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The manipulation of the argument X-Pingback/link results in server-side request… | ||
| CVE-2024-46494 | 0.00 | — | 0.00 | Apr 7, 2025 | A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article. | |||
| CVE-2024-57369 | 0.00 | — | 0.00 | Jan 17, 2025 | Clickjacking vulnerability in typecho v1.2.1. | |||
| CVE-2023-6615 | 0.00 | — | 0.01 | Dec 8, 2023 | A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected by this issue is some unknown functionality of the file /admin/manage-users.php. The manipulation of the argument page leads to information disclosure. The exploit has been disclosed… | |||
| CVE-2023-6614 | 0.00 | — | 0.01 | Dec 8, 2023 | A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The… | |||
| CVE-2023-6613 | 0.00 | — | 0.01 | Dec 8, 2023 | A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown function of the file /admin/options-theme.php of the component Logo Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The… |
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The manipulation of the argument X-Pingback/link results in server-side request…
- CVE-2024-46494Apr 7, 2025risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article.
- CVE-2024-57369Jan 17, 2025risk 0.00cvss —epss 0.00
Clickjacking vulnerability in typecho v1.2.1.
- CVE-2023-6615Dec 8, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected by this issue is some unknown functionality of the file /admin/manage-users.php. The manipulation of the argument page leads to information disclosure. The exploit has been disclosed…
- CVE-2023-6614Dec 8, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The…
- CVE-2023-6613Dec 8, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown function of the file /admin/options-theme.php of the component Logo Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The…