22 matches found
EUVD-2025-26490
Missing Authorization vulnerability in ThemeMove Makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through 1.8.5...
EUVD-2025-24694
Malicious code in bioql PyPI...
CVE-2025-58210
Missing Authorization vulnerability in ThemeMove Makeaholic makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through = 1.8.5...
CVE-2025-58210
Missing Authorization vulnerability in ThemeMove Makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through 1.8.5...
CVE-2025-58210
Missing Authorization vulnerability in ThemeMove Makeaholic makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through = 1.8.5...
CVE-2025-58210
CVE-2025-58210 describes a Missing Authorization issue in the ThemeMove Makeaholic WordPress theme. The vulnerability affects Makeaholic versions up to and including 1.8.5, stemming from incorrectly configured access control that allows unauthorized access. Multiple connected sources corroborate ...
CVE-2025-58210 WordPress Makeaholic Theme <= 1.8.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ThemeMove Makeaholic makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through = 1.8.5...
CVE-2025-58210 WordPress Makeaholic Theme <= 1.8.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in ThemeMove Makeaholic makeaholic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Makeaholic: from n/a through = 1.8.5...
WordPress plugin Makeaholic 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-35697
Name of the Vulnerable Software and Affected Versions Makeaholic versions through 1.8.5 Description The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations Update Makeaholic to a version later than 1.8.5...
WordPress Makeaholic Theme <= 1.8.5 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Makeaholic versions = 1.8.5...
WordPress Makeaholic Theme <= 1.8.5 is vulnerable to Broken Access Control
Software Makeaholic Type Theme Vulnerable versions = 1.8.5 Fixed in 1.8.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-58210 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID de9323d56155 Credits Tran Nguyen Bao Khanh VCI - VNPT...
CVE-2025-54700
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Makeaholic makeaholic allows PHP Local File Inclusion.This issue affects Makeaholic: from n/a through = 1.8.4...
WordPress Makeaholic Theme <= 1.8.4 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Makeaholic versions = 1.8.4...
CVE-2025-54700
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Makeaholic allows PHP Local File Inclusion. This issue affects Makeaholic: from n/a through 1.8.4...
CVE-2025-54700
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Makeaholic makeaholic allows PHP Local File Inclusion.This issue affects Makeaholic: from n/a through = 1.8.4...
CVE-2025-54700 WordPress Makeaholic Theme <= 1.8.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Makeaholic allows PHP Local File Inclusion. This issue affects Makeaholic: from n/a through 1.8.4...
CVE-2025-54700
CVE-2025-54700 is a Local File Inclusion vulnerability in ThemeMove Makeaholic (WordPress) versions up to 1.8.4 caused by improper control of filenames in include/require statements. The issue could allow an attacker to access local files via PHP code execution paths exposed by the theme. Public ...
CVE-2025-54700 WordPress Makeaholic Theme <= 1.8.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Makeaholic makeaholic allows PHP Local File Inclusion.This issue affects Makeaholic: from n/a through = 1.8.4...
PT-2025-33252
Name of the Vulnerable Software and Affected Versions: ThemeMove Makeaholic versions through 1.8.4 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion...