2 matches found
WordPress Zota theme <= 1.3.14 - Local File Inclusion vulnerability
Software : Zota Type : Theme Vulnerable versions : = 1.3.14 Fixed in : 1.3.15 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68537 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 058fe19104cc...
CVE-2025-61768 Kuno CMS Vulnerable to Server-Side Request Forgery (SSRF) via Unsafe SVG Upload
KUNO CMS is a fully deployable full-stack blog application. In versions prior to 1.3.15, an SSRF Server-Side Request Forgery vulnerability exists in the Media module of the Kuno CMS administrative panel. A logged-in administrator can upload a specially crafted SVG file containing an external imag...