Epsilon Framework Themes (Various Versions) - Function Injection
Summary
| CVE | CVE-2020-36708 |
|---|---|
| State | PUBLISHED |
| Assigner | Wordfence |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-06-07 02:15:11 UTC |
| Updated | 2026-04-08 18:17:08 UTC |
| Description | The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4. This is due to epsilon_framework_ajax_action. This makes it possible for unauthenticated attackers to call functions and achieve remote code execution. |
Risk And Classification
Primary CVSS: v3.1 9.8 CRITICAL from [email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Problem Types: CWE-94 | CWE-94 CWE-94 Improper Control of Generation of Code ('Code Injection')
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | [email protected] | Secondary | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | CNA | DECLARED | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Colorlib | Activello | All | All | All | All |
| Application | Colorlib | Bonkers | All | All | All | All |
| Application | Colorlib | Illdy | All | All | All | All |
| Application | Colorlib | Newspaper X | All | All | All | All |
| Application | Colorlib | Pixova Lite | All | All | All | All |
| Application | Colorlib | Shapely | All | All | All | All |
| Application | Colorlib | Sparklinkg | All | All | All | All |
| Application | Cpothemes | Affluent | All | All | All | All |
| Application | Cpothemes | Allegiant | All | All | All | All |
| Application | Cpothemes | Brilliance | All | All | All | All |
| Application | Cpothemes | Transcend | All | All | All | All |
| Application | Machothemes | Antreas | All | All | All | All |
| Application | Machothemes | Medzone Lite | All | All | All | All |
| Application | Machothemes | Naturemag Lite | All | All | All | All |
| Application | Machothemes | Newsmag | All | All | All | All |
| Application | Machothemes | Regina Lite | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Machothemes | Antreas | affected 1.0.2 semver | Not specified |
| CNA | Machothemes | NatureMag Lite | affected 1.0.4 semver | Not specified |
| CNA | Silkalns | Bonkers | affected 1.0.4 semver | Not specified |
| CNA | Wpchill | Affluent | affected 1.1.0 semver | Not specified |
| CNA | Wpchill | Transcend | affected 1.1.8 semver | Not specified |
| CNA | Wpchill | Allegiant | affected 1.2.2 semver | Not specified |
| CNA | Machothemes | MedZone Lite | affected 1.2.4 semver | Not specified |
| CNA | Silkalns | Shapely | affected 1.2.7 semver | Not specified |
| CNA | Wpchill | Brilliance | affected 1.2.7 semver | Not specified |
| CNA | Silkalns | Newspaper X | affected 1.3.1 semver | Not specified |
| CNA | Silkalns | Activello | affected 1.4.0 semver | Not specified |
| CNA | Machothemes | Regina Lite | affected 2.0.4 semver | Not specified |
| CNA | Silkalns | Pixova Lite | affected 2.0.5 semver | Not specified |
| CNA | Silkalns | Illdy | affected 2.1.4 semver | Not specified |
| CNA | Machothemes | NewsMag | affected 2.4.1 semver | Not specified |
| CNA | Silkalns | Sparkling | affected 2.4.8 semver | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Epsilon Framework Themes (Various Versions) - Function Injection | af854a3a-2127-422b-91ae-364da2661108 | www.wordfence.com | Third Party Advisory |
| Unauthenticated function injection vulnerability fixed in 15 WordPress themes. – NinTechNet | af854a3a-2127-422b-91ae-364da2661108 | blog.nintechnet.com | Exploit, Third Party Advisory |
| Large-Scale Attacks Target Epsilon Framework Themes | af854a3a-2127-422b-91ae-364da2661108 | www.wordfence.com | Third Party Advisory |
| Multiple Themes - Unauthenticated Function Injection WordPress Security Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | wpscan.com | Third Party Advisory |
| Unauthenticated function injection vulnerability in WordPress Sparkling theme. – NinTechNet | af854a3a-2127-422b-91ae-364da2661108 | blog.nintechnet.com | Exploit, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Jerome Bruandet (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2020-10-01T00:00:00.000Z | Disclosed |
There are currently no legacy QID mappings associated with this CVE.