2002 matches found
CVE-2025-11920
The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.14 via the action parameter in one of its shortcodes. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary...
CVE-2025-11920
The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.14 via the action parameter in one of its shortcodes. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary...
EUVD-2025-34556
The Woocommerce Category and Products Accordion Panel plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'categoryaccordionpanel' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2025-11746
CVE-2025-11746 is an authenticated Local File Inclusion vulnerability affecting the WordPress XStore/Multi-purpose WooCommerce Theme (versions <= 9.5.4). Exploitation via theet_ajax_required_plugins_popup() enables an attacker with Subscriber+ privileges to include and execute arbitrary PHP co...
WordPress plugin XStore 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path travers...
CVE-2025-7634
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on th...
CVE-2025-7634 WP Travel Engine – Tour Booking Plugin – Tour Operator Software <= 6.6.7 - Unauthenticated Local File Inclusion
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on th...
EUVD-2012-2294
Malware in sbrugna...
EUVD-2007-6516
Malware in sbrugna...
EUVD-2006-1367
Malware in sbrugna...
EUVD-2018-11151
Malware in sbrugna...
EUVD-2018-8411
Malware in sbrugna...
EUVD-2018-20771
Malware in sbrugna...
EUVD-2014-9381
Malware in sbrugna...
EUVD-2018-10292
Malware in sbrugna...
EUVD-2018-8917
Malware in sbrugna...
EUVD-2020-11720
Malware in sbrugna...
EUVD-2007-1598
Malware in sbrugna...
EUVD-2011-1337
Malware in sbrugna...
EUVD-2015-9393
Malware in sbrugna...