33 matches found
Malicious code in @toni77777/aora (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8566221a9ab9a1cb01b0f23e2af4b140d2e97310701b8c9a8f4bed1481fb22b2 On npm install, scripts/postinstall.js fetches a platform-specific executable from https://github.com/yourusername/aora/releases/download/v0.1.0/,...
MAL-2026-4458 Malicious code in @toni77777/aora (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8566221a9ab9a1cb01b0f23e2af4b140d2e97310701b8c9a8f4bed1481fb22b2 On npm install, scripts/postinstall.js fetches a platform-specific executable from https://github.com/yourusername/aora/releases/download/v0.1.0/,...
CVE-2026-27381
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
EUVD-2026-9634
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2026-27381
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2026-27381 WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2026-27381 WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2026-27381
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2026-27381
CVE-2026-27381 describes a Local File Inclusion (LFI) in the WordPress theme/application stack: the Aora theme (thembay Aora aora) vulnerable via improper control of filename in include/require statements. Affected: Aora theme ≤ 1.3.15 (n/a through 1.3.15). CVSS v3.1 base score 8.1 (HIGH) with ne...
WordPress plugin Aora 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-23255
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Aora versions = 1.3.15...
CVE-2025-68985
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
EUVD-2025-205750
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2025-68985
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2025-68985 WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2025-68985 WordPress Aora theme <= 1.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.15...
CVE-2025-68985
CVE-2025-68985 (Aora theme vulnerability) is an authenticated (Contributor+) Local File Inclusion affecting the Aora WordPress theme (Aora – Home & Lifestyle Elementor WooCommerce Theme) up to version 1.3.15. The issue arises from improper handling of filenames in PHP include/require, enabling an...
PT-2025-53875
Name of the Vulnerable Software and Affected Versions thembay Aora versions through 1.3.15 Description A flaw exists in thembay Aora that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This issue is related to a 'PHP Remote File Inclusion'...
WordPress plugin Aora 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...