WordPress Dazzle theme <= 1.0.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dazzle versions = 1.0.0...

WordPress Snow Club theme <= 1.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Snow Club versions = 1.1...

WordPress Nexio theme <= 1.10.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nexio versions = 1.10.0...

WordPress Ingenioso theme <= 1.14.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ingenioso versions = 1.14.0...

WordPress Presto Player plugin <= 4.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Presto Player versions = 4.1.3...

WordPress Hustle plugin <= 7.8.10.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Hustle versions = 7.8.10.1...

WordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Royal Elementor Addons versions 1.7.1053...

PT-2026-33885

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.3 Description OpenBao is an open source identity-based secrets management system that utilizes namespaces for multi-tenant separation. A flaw exists where a tenant that leaks token accessors may have their token...

WordPress Nexter Blocks plugin <= 4.7.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Nexter Blocks versions = 4.7.0...

WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin Sunshine Photo Cart versions 3.6.2...

WordPress Share This Image plugin <= 2.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Share This Image versions = 2.12...

WordPress DirectoryPress plugin <= 3.6.26 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin DirectoryPress versions = 3.6.26...

WordPress 12 Step Meeting List plugin <= 3.19.9 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bao - BlueRock in WordPress Plugin 12 Step Meeting List versions = 3.19.9...

WordPress MyDecor theme < 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme MyDecor versions 1.5.9...

WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Pendulum versions 3.1.5...

WordPress Rosebud theme <= 1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Rosebud versions = 1.4...

WordPress NeoBeat theme <= 1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme NeoBeat versions = 1.2...

WordPress Amoli theme <= 1.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Amoli versions = 1.0...

WordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme m2 | Construction and Tools Store versions = 1.1.2...

WordPress Dental Clinic theme <= 3.7 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dental Clinic versions = 3.7...