WordPress SmartMag theme <= 10.3.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme SmartMag versions = 10.3.0...

WordPress SmartMag Theme <= 10.3.0 is vulnerable to Local File Inclusion

Software SmartMag Type Theme Vulnerable versions = 10.3.0 Fixed in 10.3.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-64216 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID de6195233272 Credits João Pedro S Alcântara Kinorth Required privileg...

WordPress SmartMag theme <= 10.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme SmartMag versions = 10.3.1...

CVE-2025-64204

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeSphere SmartMag smart-mag allows Stored XSS.This issue affects SmartMag: from n/a through = 10.3.1...

CVE-2025-64216

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeSphere SmartMag smart-mag allows PHP Local File Inclusion.This issue affects SmartMag: from n/a through = 10.3.0...

WordPress SmartMag Theme <= 10.3.1 is vulnerable to Cross Site Scripting (XSS)

Software SmartMag Type Theme Vulnerable versions = 10.3.1 Fixed in 10.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-64204 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6a240fc7988d Credits João Pedro S Alcântara Kinorth Required...

EUVD-2025-36623

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeSphere SmartMag smart-mag allows Stored XSS.This issue affects SmartMag: from n/a through = 10.3.1...

EUVD-2025-36618

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeSphere SmartMag smart-mag allows PHP Local File Inclusion.This issue affects SmartMag: from n/a through = 10.3.0...

CVE-2025-64216

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeSphere SmartMag smart-mag allows PHP Local File Inclusion.This issue affects SmartMag: from n/a through = 10.3.0...

CVE-2025-64204

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeSphere SmartMag smart-mag allows Stored XSS.This issue affects SmartMag: from n/a through = 10.3.1...

CVE-2025-64216 WordPress SmartMag theme <= 10.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeSphere SmartMag smart-mag allows PHP Local File Inclusion.This issue affects SmartMag: from n/a through = 10.3.0...

CVE-2025-64216 WordPress SmartMag theme <= 10.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeSphere SmartMag smart-mag allows PHP Local File Inclusion.This issue affects SmartMag: from n/a through = 10.3.0...

CVE-2025-64216

CVE-2025-64216 is a Local File Inclusion vulnerability in WordPress theme SmartMag (versions

CVE-2025-64204

The WordPress theme SmartMag (ThemeSphere)

CVE-2025-64204 WordPress SmartMag theme <= 10.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeSphere SmartMag smart-mag allows Stored XSS.This issue affects SmartMag: from n/a through = 10.3.1...

CVE-2025-64204 WordPress SmartMag theme <= 10.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeSphere SmartMag smart-mag allows Stored XSS.This issue affects SmartMag: from n/a through = 10.3.1...

WordPress plugin SmartMag 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-44248

Name of the Vulnerable Software and Affected Versions ThemeSphere SmartMag versions through 10.3.1 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks...

PT-2025-44253

Name of the Vulnerable Software and Affected Versions ThemeSphere SmartMag versions through 10.3.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion...

WordPress plugin SmartMag 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...