EIP-2026-114353

PRE-CVE

WordPress Theme The Gazette Edition 2.9.4 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114353. PoCs published by MustLive.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in Gazette Edition for WordPress, including XSS, DoS, and information disclosure. It includes example URLs demonstrating the XSS and DoS vectors but lacks functional exploit code.

Description

WordPress Theme The Gazette Edition 2.9.4 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by MustLive · textwebappsphp

https://www.exploit-db.com/exploits/35608

View Code ZIP pw:eip

The provided text describes multiple vulnerabilities in Gazette Edition for WordPress, including XSS, DoS, and information disclosure. It includes example URLs demonstrating the XSS and DoS vectors but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Xss | Dos | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Gazette Edition for Wordpress 2.9.4 and prior

No auth needed

Prerequisites: Access to the target WordPress instance with the Gazette theme installed

MITRE ATT&CK

T1059.007 - JavaScript T1499 - Endpoint Denial of Service T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026