Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2025/11/15 6:48 a.m.11 views

CVE-2025-10686

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...

7.2CVSS7.3AI score0.00475EPSS
Exploits0References1
patchstack
patchstack
added 2025/11/14 8:24 a.m.9 views

WordPress Creta Testimonial Showcase plugin < 1.2.4 - Editor+ Local File Inclusion vulnerability

Editor+ Local File Inclusion vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Creta Testimonial Showcase versions 1.2.4...

7.2CVSS6.7AI score0.00475EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2025/11/14 6:15 a.m.7 views

CVE-2025-10686

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...

7.2CVSS0.00475EPSS
Exploits0References1
cvelist
cvelist
added 2025/11/14 6:0 a.m.12 views

CVE-2025-10686 Creta Testimonial Showcase < 1.2.4 - Editor+ Local File Inclusion

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...

0.00475EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/11/14 6:0 a.m.2 views

CVE-2025-10686 Creta Testimonial Showcase < 1.2.4 - Editor+ Local File Inclusion

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...

6.9AI score0.00475EPSS
Exploits0References1
euvd
euvd
added 2025/11/14 6:0 a.m.4 views

EUVD-2025-186559

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...

7.2CVSS6.8AI score0.00475EPSS
Exploits0References2
cve
cve
added 2025/11/14 6:0 a.m.25 views

CVE-2025-10686

The CVE-2025-10686 has concrete details across multiple sources: Creta Testimonial Showcase WordPress plugin prior to v1.2.4 is vulnerable to Local File Inclusion. Authenticated users with editor-level access or higher can include and execute arbitrary PHP files on the server, enabling code execu...

7.2CVSS6.9AI score0.00475EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/11/14 12:0 a.m.4 views

WordPress plugin Creta Testimonial Showcase 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.2CVSS6.5AI score0.00475EPSS
Exploits0References2
Rows per page
Query Builder