CVE-2026-25017

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows PHP Local File Inclusion.This issue affects NaturaLife Extensions: from n/a through = 2.1...

CVE-2026-25018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects NaturaLife Extensions: from n/a through = 2.1...

EUVD-2026-15619

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects NaturaLife Extensions: from n/a through = 2.1...

CVE-2026-25018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects NaturaLife Extensions: from n/a through = 2.1...

CVE-2026-25018 WordPress NaturaLife Extensions plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects NaturaLife Extensions: from n/a through = 2.1...

CVE-2026-25018

CVE-2026-25018 affects the WordPress NaturaLife Extensions plugin (versions n/a through 2.1). The vulnerability is a Reflected Cross-Site Scripting (XSS) caused by improper input neutralization during web page generation. Affected component is the NaturaLife Extensions plugin for WordPress; root ...

CVE-2026-25018 WordPress NaturaLife Extensions plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects NaturaLife Extensions: from n/a through = 2.1...

CVE-2026-25017 WordPress NaturaLife Extensions plugin <= 2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows PHP Local File Inclusion.This issue affects NaturaLife Extensions: from n/a through = 2.1...

WordPress plugin NaturaLife Extensions 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-27884

Name of the Vulnerable Software and Affected Versions NaturaLife Extensions versions n/a through 2.1 Description A flaw exists in NaturaLife Extensions that allows for PHP Local File Inclusion due to improper control of filename handling for Include/Require statements. This issue impacts the...

PT-2026-27885

Name of the Vulnerable Software and Affected Versions stmcan NaturaLife Extensions versions n/a through 2.1 Description The software contains a flaw due to improper handling of user-supplied data during web page creation, which can lead to reflected cross-site scripting XSS. This allows an attack...

WordPress NaturaLife Extensions plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin NaturaLife Extensions versions = 2.1...

WordPress NaturaLife Extensions plugin <= 2.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin NaturaLife Extensions versions = 2.1...