WordPress Soledad theme <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout' vulnerability

Authenticated Contributor+ Local File Inclusion via 'headerlayout' vulnerability discovered by stealthcopter in WordPress Theme Soledad versions = 8.6.7...

PT-2025-33591 · WordPress · Soledad

Name of the Vulnerable Software and Affected Versions: Soledad theme for WordPress versions through 8.6.7 Description: The Soledad theme for WordPress is susceptible to a Local File Inclusion issue via the header layout parameter. This allows authenticated attackers with Contributor-level access ...

WordPress plugin Soledad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2025-8996

Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0...

CVE-2025-8996

Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0...

CVE-2025-8996 Layout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097

Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0...

CVE-2025-8996 Layout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097

Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0...

CVE-2025-8996

CVE-2025-8996 affects Drupal Layout Builder Advanced Permissions (versions 0.0.0 through 2.1.9/2.2.0 before). The vulnerability is a Missing Authorization issue that enables forceful browsing, enabling access bypass within the affected module, as described across multiple sources (Red Hat, NVD/CV...

CVE-2025-6715

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files...

Drupal Layout Builder Advanced Permissions 安全漏洞

Drupal Layout Builder Advanced Permissions is a permission control extension for the Drupal community. A security vulnerability exists in Drupal Layout Builder Advanced Permissions versions prior to 2.2.0, which stems from a lack of authorization and could lead to forced browsing...

Linux Distros Unpatched Vulnerability : CVE-2019-1010024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE:...

PT-2025-33501 · Drupal · Drupal Layout Builder Advanced Permissions

Name of the Vulnerable Software and Affected Versions: Drupal Layout Builder Advanced Permissions versions 0.0.0 through 2.1.9 Description: Missing authorization allows forceful browsing in Drupal Layout Builder Advanced Permissions. Recommendations: Update to version 2.2.0 or later...

Malicious code in additor-react-grid-layout (npm)

The package additor-react-grid-layout was found to contain malicious code...

MAL-2025-19644 Malicious code in encrypt-layout-helper (npm)

The package encrypt-layout-helper was found to contain malicious code...

MAL-2025-17912 Malicious code in d3plus-layout (npm)

The package d3plus-layout was found to contain malicious code...

Malicious code in layout-experimental (npm)

The package layout-experimental was found to contain malicious code...

Malicious code in responsive-layout (npm)

The package responsive-layout was found to contain malicious code...

MAL-2025-32151 Malicious code in responsive-layout (npm)

The package responsive-layout was found to contain malicious code...

MAL-2025-32149 Malicious code in respace-ui-layout (npm)

The package respace-ui-layout was found to contain malicious code...

MAL-2025-24995 Malicious code in layout-experimental (npm)

The package layout-experimental was found to contain malicious code...