15 matches found
CVE-2025-62055
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through 1.3...
EUVD-2025-38072
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through 1.3...
CVE-2025-62055
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through 1.3...
CVE-2025-62055
CVE-2025-62055 is a Local File Inclusion vulnerability in the WordPress Academist theme (Academist) prior to version 1.3. The issue arises from improper control of the filename used in Include/Require statements in PHP, enabling remote/file inclusion attacks. Affected software: Academist theme (
CVE-2025-62055 WordPress Academist theme < 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through 1.3...
CVE-2025-62055 WordPress Academist theme < 1.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through 1.3...
PT-2025-45316
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through 1.3...
WordPress plugin Academist 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress Academist theme < 1.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by ? in WordPress Theme Academist versions 1.3...
CVE-2025-1671
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academistmembershipcheckfacebookuser function not properly verifying a user's identity prior to authenticating them. This makes it possible for...
CVE-2025-1671 Academist Membership <= 1.1.6 - Authentication Bypass via Account Takeover
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academistmembershipcheckfacebookuser function not properly verifying a user's identity prior to authenticating them. This makes it possible for...
CVE-2025-1671
CVE-2025-1671 concerns the Academist Membership plugin for WordPress (versions ≤ 1.1.6). The root cause is the function academist_membership_check_facebook_user() not properly verifying a user’s identity before authentication, enabling an unauthenticated attacker to log in as any user, including ...
CVE-2025-1671 Academist Membership <= 1.1.6 - Authentication Bypass via Account Takeover
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academistmembershipcheckfacebookuser function not properly verifying a user's identity prior to authenticating them. This makes it possible for...
WordPress plugin Academist Membership 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Academist Membership plugin <= 1.1.6 - Authentication Bypass via Account Takeover vulnerability
Authentication Bypass via Account Takeover vulnerability discovered by Tonn in WordPress Plugin Academist Membership versions = 1.1.6...