Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

RedhatCVE
RedhatCVEadded 2025/12/19 7:32 a.m.1 views

CVE-2025-64223

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

8.1CVSS7.1AI score0.0011EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/18 9:30 a.m.0 views

EUVD-2025-204075

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

8.1CVSS6.6AI score0.0011EPSS
Exploits0References2
NVD
NVDadded 2025/12/18 8:16 a.m.1 views

CVE-2025-64223

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

8.1CVSS0.0011EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/18 7:22 a.m.1 views

CVE-2025-64223 WordPress PenNews theme < 6.7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

8.1CVSS6.7AI score0.0011EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/18 7:22 a.m.19 views

CVE-2025-64223 WordPress PenNews theme < 6.7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

8.1CVSS0.0011EPSS
Exploits0References1
CVE
CVEadded 2025/12/18 7:22 a.m.5 views

CVE-2025-64223

CVE-2025-64223 affects the WordPress PenNews plugin/theme and is a PHP Local File Inclusion vulnerability caused by improper control of the filename for include/require. The issue affects PenNews versions older than 6.7.3. Metrics indicate a high-severity impact (CVSS 3.1: base score 8.1) with ne...

8.1CVSS6.7AI score0.0011EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/12/18 12:0 a.m.1 views

WordPress plugin PenNews 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

8.1CVSS6.6AI score0.0011EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/18 12:0 a.m.2 views

PT-2025-52170

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

7.1AI score0.0011EPSS
Exploits0References2
Patchstack
Patchstackadded 2025/12/14 1:23 p.m.2 views

WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PenNews versions 6.7.4...

5.3CVSS7AI score0.00038EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVEadded 2025/12/12 3:11 p.m.1 views

CVE-2025-67572

Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...

5.3CVSS7AI score0.00038EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/09 6:30 p.m.1 views

EUVD-2025-202074

Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...

6.5AI score0.00038EPSS
Exploits0References2
NVD
NVDadded 2025/12/09 4:18 p.m.2 views

CVE-2025-67572

Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...

5.3CVSS0.00038EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/09 2:14 p.m.18 views

CVE-2025-67572 WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...

5.3CVSS0.00038EPSS
Exploits0References1
CVE
CVEadded 2025/12/09 2:14 p.m.6 views

CVE-2025-67572

CVE-2025-67572 affects the PenNews WordPress theme (PenNews) prior to version 6.7.4, due to Missing/Incorrect Authorization in access controls. The issue enables unauthorized access due to misconfigured security levels. Reported in multiple sources (Wordfence, Patchstack, CVE records) with a CVSS...

5.3CVSS6.6AI score0.00038EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/09 2:14 p.m.1 views

CVE-2025-67572 WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...

5.3CVSS6.6AI score0.00038EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/12/09 12:0 a.m.1 views

WordPress plugin PenNews 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.6AI score0.00038EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/09 12:0 a.m.1 views

PT-2025-49946

CVE-2025-67572 Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews:… https://t.co/g3hod2E165...

7AI score0.00038EPSS
Exploits0References3
Patchstack
Patchstackadded 2025/08/02 2:18 p.m.2 views

WordPress PenNews theme < 6.7.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme PenNews versions 6.7.3...

8.1CVSS7AI score0.0011EPSS
Exploits0Affected Software1
Rows per page
Query Builder