Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2024-13653 | Missing Authorization vulnerability in Mvpthemes Zoxpress The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backup_options' function in all versions up to, and including, 2.12.0. | 8.8 |
| 2025-02-12 | CVE-2024-13654 | Missing Authorization vulnerability in Mvpthemes Zoxpress The ZoxPress - The All-In-One WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'reset_options' function in all versions up to, and including, 2.12.0. | 8.1 |
| 2025-02-12 | CVE-2024-13656 | Missing Authorization vulnerability in Mvpthemes Click MAG The Click Mag - Viral WordPress News Magazine/Blog Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the propanel_of_ajax_callback() function in all versions up to, and including, 3.6.0. | 8.1 |
| 2025-02-12 | CVE-2024-13800 | Missing Authorization vulnerability in Convertplug Convertplus The ConvertPlus plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cp_dismiss_notice' AJAX endpoint in all versions up to, and including, 3.5.30. | 8.1 |
| 2025-02-11 | CVE-2024-12547 | Out-of-bounds Write vulnerability in Tungstenautomation Power PDF Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. | 8.8 |
| 2025-02-11 | CVE-2024-12549 | Out-of-bounds Read vulnerability in Tungstenautomation Power PDF Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. | 7.8 |
| 2025-02-11 | CVE-2024-12550 | Out-of-bounds Read vulnerability in Tungstenautomation Power PDF Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. | 7.8 |
| 2025-02-11 | CVE-2024-12551 | Out-of-bounds Read vulnerability in Tungstenautomation Power PDF Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. | 7.8 |
| 2025-02-11 | CVE-2025-0899 | Use After Free vulnerability in Pdf-Xchange Editor PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability. | 8.8 |
| 2025-02-11 | CVE-2025-0901 | Out-of-bounds Read vulnerability in Pdf-Xchange Editor PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. | 8.8 |