21 matches found
CVE-2026-39539
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking = 2.1.2 versions...
CVE-2026-39539 WordPress Alloggio - Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking = 2.1.2 versions...
CVE-2026-39539
Summary: CVE-2026-39539 concerns unauthenticated PHP Object Injection in the WordPress plugin/theme “Alloggio - Hotel Booking” versions ≤ 2.1.2. The affected component is the Alloggio Hotel Booking theme; the underlying issue is described as a PHP Object Injection vulnerability. The CVSS base sco...
PT-2026-50098
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking = 2.1.2 versions...
WordPress Alloggio - Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability
WordPress Alloggio - Hotel Booking theme = 2.1.2 - PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Alloggio - Hotel Booking versions = 2.1.2...
CVE-2025-64287
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Alloggio - Hotel Booking alloggio allows PHP Local File Inclusion.This issue affects Alloggio - Hotel Booking: from n/a through = 1.8...
EUVD-2025-38060
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Alloggio - Hotel Booking alloggio allows PHP Local File Inclusion.This issue affects Alloggio - Hotel Booking: from n/a through = 1.8...
CVE-2025-64287
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Alloggio - Hotel Booking alloggio allows PHP Local File Inclusion.This issue affects Alloggio - Hotel Booking: from n/a through = 1.8...
CVE-2025-64287 WordPress Alloggio - Hotel Booking Theme theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Alloggio - Hotel Booking alloggio allows PHP Local File Inclusion.This issue affects Alloggio - Hotel Booking: from n/a through = 1.8...
CVE-2025-64287 WordPress Alloggio - Hotel Booking Theme theme <= 1.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Alloggio - Hotel Booking alloggio allows PHP Local File Inclusion.This issue affects Alloggio - Hotel Booking: from n/a through = 1.8...
CVE-2025-64287
CVE-2025-64287 concerns WordPress Alloggio - Hotel Booking Theme (Alloggio) versions up to and including 1.8. The issue is an improper control of filenames used in include/require statements, allowing PHP Local File Inclusion (LFI). The vulnerability is described as affecting Alloggio - Hotel Boo...
PT-2025-45337
Name of the Vulnerable Software and Affected Versions Edge-Themes Alloggio - Hotel Booking versions through 1.8 Description The software contains a flaw related to improper control of filenames used in include/require statements, leading to a PHP Local File Inclusion issue. The vulnerability allo...
WordPress plugin Alloggio 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2025-5893
Malicious code in bioql PyPI...
WordPress Alloggio - Hotel Booking Theme theme <= 1.8 - Local File Inclusion vulnerability
WordPress Alloggio - Hotel Booking Theme theme = 1.8 - Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Alloggio - Hotel Booking versions = 1.8...
CVE-2025-1638
The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity through the alloggiomembershipinitrestapifacebooklogin and alloggiomembershipinitrestapigooglelogin...
CVE-2025-1638 Alloggio Membership <= 1.1 - Authentication Bypass via Social Login Account Takeover
The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity through the alloggiomembershipinitrestapifacebooklogin and alloggiomembershipinitrestapigooglelogin...
CVE-2025-1638 Alloggio Membership <= 1.1 - Authentication Bypass via Social Login Account Takeover
The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity through the alloggiomembershipinitrestapifacebooklogin and alloggiomembershipinitrestapigooglelogin...
WordPress plugin Alloggio Membership 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Alloggio Membership plugin <= 1.1 - Authentication Bypass via Social Login Account Takeover vulnerability
Authentication Bypass via Social Login Account Takeover vulnerability discovered by Tonn in WordPress Plugin Alloggio Membership versions = 1.1...