6 matches found
CVE-2025-64223 WordPress PenNews theme < 6.7.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...
CVE-2025-64223
CVE-2025-64223 affects the WordPress PenNews plugin/theme and is a PHP Local File Inclusion vulnerability caused by improper control of the filename for include/require. The issue affects PenNews versions older than 6.7.3. Metrics indicate a high-severity impact (CVSS 3.1: base score 8.1) with ne...
CVE-2025-64223 WordPress PenNews theme < 6.7.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...
WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PenNews versions 6.7.4...
CVE-2025-67572 WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...
CVE-2025-67572 WordPress PenNews theme < 6.7.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in PenciDesign PenNews pennews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PenNews: from n/a through 6.7.4...