CVE-2025-63032

According to the connected Wordfence report, CVE-2025-63032 affects Branda Consulting? Actually, it affects Consulting: ThinkUpThemes Consulting WordPress theme/plugin, with versions up to 1.5.0. It is an Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability caused by improper in...

CVE-2025-63032 WordPress Consulting theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thinkupthemes Consulting consulting allows Stored XSS.This issue affects Consulting: from n/a through = 1.5.0...

CVE-2025-63032 WordPress Consulting theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0...

WordPress Consulting theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Theme Consulting versions = 1.5.0...

CVE-2025-64359 WordPress Consulting theme < 6.7.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Consulting consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.7.5...

CVE-2025-64359

CVE-2025-64359 is a WordPress plugin/theme vulnerability affecting the WordPress Consulting theme (StylemixThemes Consulting) versions prior to 6.7.5. Multiple connected sources describe an improper control of filename for include/require statements, enabling PHP Local File Inclusion through the ...

CVE-2025-64359 WordPress Consulting theme < 6.7.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Consulting consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.7.5...

WordPress Consulting theme < 6.7.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Consulting versions 6.7.5...

CVE-2025-31072 WordPress Ofiz - Business Consulting Theme plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes Ofiz - WordPress Business Consulting Theme ofiz allows Reflected XSS.This issue affects Ofiz - WordPress Business Consulting Theme: from n/a through = 2.0...

WordPress Ofiz - Business Consulting Theme plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability

WordPress Ofiz - Business Consulting Theme plugin = 2.0 - Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ofiz - WordPress Business Consulting Theme versions = 2.0...

CVE-2023-37385 WordPress Consulting theme <= 6.5.6 - Local File Inclusion

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6...

WordPress Consulting Theme 6.3.0 - 6.5.6 is vulnerable to Local File Inclusion

Software Consulting Type Theme Vulnerable versions 6.3.0 - 6.5.6 Fixed in 6.5.7 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-37385 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID dafa46bad8e4 Credits Dave Jong Patchstack Required privilege...