26 matches found
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
EUVD-2026-20419
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39710
Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39710 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39710
Cross-Site Request Forgery CSRF vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-39711 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
WordPress plugin RT-Theme 18 Extensions 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
EUVD-2025-24744
Malicious code in bioql PyPI...
CVE-2025-32288
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.4...
CVE-2025-32288 WordPress RT-Theme 18 | Extensions plugin <= 2.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.4...
CVE-2025-32288
CVE-2025-32288 – RT-Theme 18 Extensions (WordPress) Affects WordPress plugin: RT-Theme 18 Extensions, versions through 2.4. Description: Improper control of filenames for Include/Require statements in PHP (PHP Remote File Inclusion) leading to Local File Inclusion (LFI). The root cause is imprope...
WordPress plugin RT-Theme 18 | Extensions 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2025-33166 · Stmcan · Rt-Theme 18 | Extensions
Name of the Vulnerable Software and Affected Versions: stmcan RT-Theme 18 | Extensions versions through 2.4 Description: An Improper Control of Filename for Include/Require Statement 'PHP Remote File Inclusion' issue exists in stmcan RT-Theme 18 | Extensions, allowing PHP Local File Inclusion...
CVE-2024-12295
The BoomBox Theme Extensions plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.8.0. This is due to the plugin not properly validating a user's identity prior to updating their password through the 'boomboxajaxresetpassword'...
CVE-2024-12295
The BoomBox Theme Extensions plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.8.0. This is due to the plugin not properly validating a user's identity prior to updating their password through the 'boomboxajaxresetpassword'...
CVE-2024-12295 BoomBox Theme Extensions <= 1.8.0 - Authenticated (Subscriber+) Privilege Escalation via Password Reset/Account Takeover in boombox_ajax_reset_password
The BoomBox Theme Extensions plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.8.0. This is due to the plugin not properly validating a user's identity prior to updating their password through the 'boomboxajaxresetpassword'...
CVE-2024-12295 BoomBox Theme Extensions <= 1.8.0 - Authenticated (Subscriber+) Privilege Escalation via Password Reset/Account Takeover in boombox_ajax_reset_password
The BoomBox Theme Extensions plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.8.0. This is due to the plugin not properly validating a user's identity prior to updating their password through the 'boomboxajaxresetpassword'...