22 matches found
CVE-2026-22389
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 2.0...
EUVD-2026-9530
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 1.5.1...
CVE-2026-22389
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 2.0...
CVE-2026-22389
CVE-2026-22389 describes an unauthorized Local File Inclusion (LFI) vulnerability in the WordPress theme Mikado-Themes Cocco cocco (versions up to and including 1.5.1). The issue arises from improper control of filenames used in PHP include/require statements, effectively enabling an attacker to ...
CVE-2026-22389 WordPress Cocco theme <= 2.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 2.0...
CVE-2026-22389 WordPress Cocco theme <= 2.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 2.0...
WordPress plugin Cocco 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-23151
Name of the Vulnerable Software and Affected Versions Mikado-Themes Cocco versions through 1.5.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusio...
WordPress Cocco theme <= 1.5.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cocco versions = 1.5.1...
CVE-2026-22391
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...
CVE-2026-22391
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...
CVE-2026-22391
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...
CVE-2026-22391 WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...
CVE-2026-22391 WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...
CVE-2026-22391
CVE-2026-22391 is an authorization bypass (IDOR) affecting the WordPress plugin/theme Mikado-Themes Cocco cocco, specifically versions up to 1.5.1. The connected Red Hat/NVD entries repeat the description: Authorization Bypass Through User-Controlled Key due to incorrectly configured access contr...
PT-2026-4215
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...
WordPress plugin Cocco has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cocco versions = 1.5.1...
MAL-2025-35105 Malicious code in test-mlw2-cocco-garda-rakes-qadis (npm)
The package test-mlw2-cocco-garda-rakes-qadis was found to contain malicious code...
Malicious code in test-mlw1-cocco-garda-rakes-qadis (npm)
The package test-mlw1-cocco-garda-rakes-qadis was found to contain malicious code...