Approved changes feed: RSS · Atom
cpe:2.3:a:machothemes:antreas:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Machothemes (011507af-8f8b-5838-9d9a-c7be4c5d7373) |
|---|---|
| Product | Antreas (0b62959a-aa25-5126-8fcd-3b8a10e37b4e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wpchill/antreas |
purl2cpe | 2026-06-01 10:13:01.207733 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-36708 |
vulnerable | 2026-06-08 05:25:49.418942 |
Epsilon Framework Themes (Various Versions) - Function Injection
CRITICAL (9.8)
The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4. This is due to epsilon_framework_ajax_action. This makes it possible for unauthenticated attackers to call functions and achieve remote code execution.
Published: 2023-06-07T01:51:22.525Z
Updated: 2026-04-08T16:55:21.011Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.