Blazethemes

blazethemes

3 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Digital Newspaper

digital_newspaper

News Kit Elementor Addons

news_kit_elementor_addons

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-9541 1Blazethemes 1News Kit Elementor Addons Jun 17, 2026 Oct 22, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the render function in includes/widgets/canvas-menu/canvas-menu.php. This...Show more The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the render function in includes/widgets/canvas-menu/canvas-menu.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data.Show less
CVE-2024-37198 1Blazethemes 1Digital Newspaper Jun 17, 2026 Jun 21, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue affects Digital Newspaper: from n/a through 1.1.5.
CVE-2024-1587 1Blazethemes 1Newsmatic Jun 17, 2026 Apr 9, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated...Show more The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post content.Show less