18 matches found
CVE-2026-39538
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
EUVD-2026-20193
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
CVE-2026-39538
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
WordPress Mikado Core plugin <= 1.6 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Mikado Core versions = 1.6...
CVE-2026-39538
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
CVE-2026-39538 WordPress Mikado Core plugin <= 1.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
CVE-2026-39538
CVE-2026-39538 relates to the WordPress Mikado Core plugin (
CVE-2026-39538 WordPress Mikado Core plugin <= 1.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
PT-2026-31147
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through = 1.6...
WordPress plugin Mikado Core 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-9058
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-leve...
CVE-2025-9058
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-leve...
CVE-2025-9058 Mikado Core <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-leve...
CVE-2025-9058 Mikado Core <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-leve...
CVE-2025-9058
CVE-2025-9058 affects Mikado Core for WordPress (versions up to 1.5.2). It enables Stored Cross-Site Scripting via shortcode attributes due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher; Wordfence data lists CVSS ...
PT-2025-36572
Name of the Vulnerable Software and Affected Versions: Mikado Core plugin for WordPress versions up to and including 1.5.2 Description: The Mikado Core plugin for WordPress is susceptible to Stored Cross-Site Scripting through shortcodes due to inadequate input sanitization and output escaping of...
WordPress plugin Mikado Core 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Mikado Core plugin <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin Mikado Core versions = 1.5.2...