Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.4 views

CVE-2026-32393

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 9:31 p.m.11 views

EUVD-2026-11905

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.00381EPSS
Exploits0References2
NVD
NVD
added 2026/03/13 7:54 p.m.12 views

CVE-2026-32393

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

7.5CVSS0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.28 views

CVE-2026-32393 WordPress Greenly Theme Addons plugin < 8.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

7.5CVSS0.00381EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.2 views

CVE-2026-32393 WordPress Greenly Theme Addons plugin < 8.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.00381EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 11:42 a.m.17 views

CVE-2026-32393

CVE-2026-32393 concerns the WordPress plugin Greenly Theme Addons (Creatives Planet/Creatives_Planet Greenly Theme Addons) with versions older than 8.2. The issue is an Improper Control of Filename for Include/Require Statement in PHP, enabling PHP Local File Inclusion due to what is described as...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.4 views

CVE-2026-32393

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.00381EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.9 views

PT-2026-25239

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creatives Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.00381EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.4 views

WordPress plugin Greenly Theme Addons 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 3:32 p.m.7 views

CVE-2025-63053

Authorization Bypass Through User-Controlled Key vulnerability in Liton Arefin Master Addons for Elementor master-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through = 2.0.9.9.4...

5.3CVSS5.9AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 2:59 p.m.4 views

EUVD-2025-205943

Authorization Bypass Through User-Controlled Key vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.9.9.4...

5.3CVSS6.4AI score0.00203EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/24 12:51 p.m.2 views

EUVD-2023-45235

Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Master Addons for Elementor: from n/a through 2.0.5.3...

6.5CVSS6.5AI score0.00247EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/25 5:32 a.m.3 views

CVE-2025-8062

The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wsweather shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2025/08/23 5:15 a.m.3 views

CVE-2025-8062

The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wsweather shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00222EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/23 4:25 a.m.7 views

CVE-2025-8062 WS Theme Addons <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ws_weather Shortcode

The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wsweather shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00222EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/23 12:0 a.m.3 views

WordPress plugin WS Theme Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00222EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/23 12:0 a.m.4 views

PT-2025-34515 · WordPress · Ws Theme Addons

Name of the Vulnerable Software and Affected Versions: WS Theme Addons plugin for WordPress versions prior to 2.0.1 Description: The WS Theme Addons plugin for WordPress is susceptible to Stored Cross-Site Scripting through the ws weather shortcode. Insufficient input sanitization and output...

6.4CVSS5.8AI score0.00222EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/08/22 10:13 p.m.5 views

WordPress WS Theme Addons plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ws_weather Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wsweather Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin WS Theme Addons versions = 2.0.0...

6.4CVSS5.5AI score0.00222EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/07/20 8:15 a.m.2 views

CVE-2024-38710

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.2...

4.8CVSS5.8AI score
Exploits0References1
Patchstack
Patchstack
added 2024/07/03 6:23 a.m.1 views

WordPress WS Theme Addons plugin <= 2.0.0 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin WS Theme Addons versions = 2.0.0...

7AI score
Exploits0References1Affected Software1
Rows per page
Query Builder