CVE-2025-58215 WordPress Ziston Theme < 1.4.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Ziston ziston allows PHP Local File Inclusion.This issue affects Ziston: from n/a through 1.4.5...

CVE-2025-58215 WordPress Ziston Theme < 1.4.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Ziston ziston allows PHP Local File Inclusion.This issue affects Ziston: from n/a through 1.4.5...

CVE-2025-54709

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Sala sala.This issue affects Sala: from n/a through = 1.1.6...

CVE-2025-54709 WordPress Sala Theme <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Sala. This issue affects Sala: from n/a through 1.1.6...

CVE-2025-54709

CVE-2025-54709 is a Local File Inclusion vulnerability in the WordPress Sala theme (versions

CVE-2025-47571 WordPress Super Store Finder plugin < 7.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in highwarden Super Store Finder superstorefinder-wp allows PHP Local File Inclusion.This issue affects Super Store Finder: from n/a through 7.8...

CVE-2025-47571 WordPress Super Store Finder plugin <= 6.9.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in highwarden Super Store Finder. This issue affects Super Store Finder: from n/a through 6.9.7...

CVE-2025-47695

CVE-2025-47695 affects WordPress Blog Designer PRO (plugin)

CVE-2025-9712

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9712

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9872

CVE-2025-9872 describes an issue in Ivanti Endpoint Manager where insufficient filename validation for uploaded files can lead to remote code execution. The vulnerability affects Ivanti Endpoint Manager prior to 2024 SU3 SR1 and prior to 2022 SU8 SR2, requiring user interaction to exploit. Connec...

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9712

Ivanti Endpoint Manager (ERP) is affected by CVE-2025-9712 due to insufficient filename validation in uploaded files, enabling remote code execution on affected versions. The issue affects Ivanti Endpoint Manager before 2024 SU3 SR1 and before 2022 SU8 SR2. Root cause: inadequate validation of fi...

CVE-2025-9712

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVE-2025-9712

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

Advisory ROSA-SA-2025-2971

software: less 608 WASP: ROSA-CHROME unaffected versions = less-608-3 affected versions less-608-3 CVE-ID: CVE-2024-32487 BDU-ID: 2024-03717 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the UNIX-like UNIX text terminal utility Less is related to incorrect handling of quotation marks in the...

CLSA-2025-1757411388 Fix CVE(s): CVE-2025-53014

SECURITY UPDATE: heap buffer overflow in InterpretImageFilename function - debian/patches/CVE-2025-53014.patch: fix out of bounds read of a single byte in image file interpretation - CVE-2025-53014...