4 matches found
CVE-2025-69005 WordPress Search & Go theme <= 2.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Search & Go search-and-go allows PHP Local File Inclusion.This issue affects Search & Go: from n/a through = 2.8...
CVE-2025-69005
CVE-2025-69005 is a Local File Inclusion (LFI) in WordPress theme Search & Go (Elated-Themes Search & Go). Affected versions are
CVE-2025-11522 Search & Go - Directory WordPress Theme <= 2.7 - Authentication Bypass to Privilege Escalation via Account Takeover
The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the searchandgoelatedcheckfacebookuser function This makes it possible for...
WordPress Search & Go Theme <= 2.7 is vulnerable to Privilege Escalation
Software Search & Go Type Theme Vulnerable versions = 2.7 Fixed in 2.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2025-11522 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 0f681595092d Credits khanhhnahk1...