5 matches found
EUVD-2025-204184
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes The Flash theflash allows PHP Local File Inclusion.This issue affects The Flash: from n/a through = 1.15...
CVE-2025-58888
CVE-2025-58888 concerns WordPress The Flash theme (
CVE-2025-58888 WordPress The Flash theme <= 1.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes The Flash theflash allows PHP Local File Inclusion.This issue affects The Flash: from n/a through = 1.15...
WordPress The Flash theme <= 1.15 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme The Flash versions = 1.15...
CVE-2024-7560
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the newsflashpostmeta meta value. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PH...