Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Magazine3 — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting Magazine3. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Magazine3 is a WordPress theme designed for online publications and magazines, focusing on content display and monetization. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The theme's 19 recorded CVEs highlight consistent security flaws, often stemming from insufficient input validation and improper access controls. Notable incidents include multiple RCE vulnerabilities that allowed attackers to execute arbitrary code on affected sites, as well as XSS issues enabling malicious script injection. These vulnerabilities typically stem from the theme's extensive use of shortcodes and inadequate sanitization of user inputs, posing significant risks to website integrity and data security.

Found 9 results / 19Clear Filters
Top products by Magazine3: Schema & Structured Data for WP & AMP Easy Table of Contents PWA for WP – Progressive Web Apps Made Simple Core Web Vitals & PageSpeed Booster PWA for WP & AMP Google Adsense & Banner Ads by AdsforWP Web Stories Enhancer – Level Up Your Web Stories WP Multilang
CVE IDTitleCVSSSeverityPublished
CVE-2025-14069 Schema & Structured Data for WP & AMP <= 1.54 - Authenticated (Contributor+) Stored Cross-Site Scripting via User Custom Schema — Schema & Structured Data for WP & AMPCWE-79 6.4 Medium2026-01-23
CVE-2025-11502 Schema & Structured Data for WP & AMP <= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting — Schema & Structured Data for WP & AMPCWE-79 6.4 Medium2025-11-01
CVE-2024-49683 WordPress Schema & Structured Data for WP & AMP plugin <= 1.3.5 - Sensitive Data Exposure vulnerability — Schema & Structured Data for WP & AMPCWE-862 5.3 Medium2024-10-24
CVE-2024-5582 Schema & Structured Data for WP & AMP <= 1.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute — Schema & Structured Data for WP & AMPCWE-79 6.4 Medium2024-07-17
CVE-2024-3491 Schema & Structured Data for WP & AMP <= 1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks — Schema & Structured Data for WP & AMPCWE-79 6.4 Medium2024-04-23
CVE-2024-1288 Schema & Structured Data for WP & AMP <= 1.26 - Missing Authorization to reCaptcha Key Modification — Schema & Structured Data for WP & AMPCWE-284 4.3 Medium2024-02-20
CVE-2024-1586 Schema & Structured Data for WP & AMP <= 1.26 - Authenticated (Custom) Stored Cross-Site Scripting — Schema & Structured Data for WP & AMPCWE-79 6.4 Medium2024-02-20
CVE-2023-51677 WordPress Schema & Structured Data for WP & AMP Plugin <= 1.23 is vulnerable to Cross Site Scripting (XSS) — Schema & Structured Data for WP & AMPCWE-79 6.5 Medium2024-02-01
CVE-2024-22146 WordPress Schema & Structured Data for WP & AMP Plugin <= 1.25 is vulnerable to Cross Site Scripting (XSS) — Schema & Structured Data for WP & AMPCWE-79 6.5 Medium2024-01-31

This page lists every published CVE security advisory associated with Magazine3. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.