Lucene search
+L

11 matches found

nvd
nvd
added 2026/03/05 6:16 a.m.6 views

CVE-2026-28098

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...

8.1CVSS0.00403EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/05 5:54 a.m.5 views

CVE-2026-28098 WordPress Save Life theme <= 1.2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
cve
cve
added 2026/03/05 5:54 a.m.12 views

CVE-2026-28079

CVE-2026-28079: Local File Inclusion in the WordPress Conquerors theme (versions &lt;= 1.2.13) due to Improper Control of Filename for Include/Require statements in PHP. Impact is Local File Inclusion with HIGH severity (CVSS 3.1: 8.1) and network attack vector, no user interaction required. Affe...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/05 5:54 a.m.30 views

CVE-2026-28079 WordPress Conquerors theme <= 1.2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Conquerors conquerors allows PHP Local File Inclusion.This issue affects Conquerors: from n/a through = 1.2.13...

8.1CVSS0.00403EPSS
Exploits0References1
nvd
nvd
added 2025/10/27 2:15 a.m.5 views

CVE-2025-62890

Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...

4.3CVSS0.00128EPSS
Exploits0References1
cve
cve
added 2025/10/27 1:33 a.m.13 views

CVE-2025-62890

CVE-2025-62890 is a CSRF vulnerability in the WordPress plugin Premmerce Brands for WooCommerce (versions n/a through 1.2.13). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) yields a base score of 4.3 (Medium). The Red Hat and NVD entries corroborate that the issue concerns Cross-Site ...

4.3CVSS6.5AI score0.00128EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/10/23 3:13 p.m.8 views

CVE-2025-62070

Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through = 1.2.13...

4.3CVSS7AI score0.00184EPSS
Exploits0References1
euvd
euvd
added 2025/10/22 3:31 p.m.6 views

EUVD-2025-35368

Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through = 1.2.13...

6.5AI score0.00184EPSS
Exploits0References2
cve
cve
added 2025/10/22 2:32 p.m.11 views

CVE-2025-62070

CVE-2025-62070: WordPress WowRevenue plugin

4.3CVSS6.6AI score0.00184EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/22 2:32 p.m.12 views

CVE-2025-62070 WordPress WowRevenue plugin <= 1.2.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through = 1.2.13...

4.3CVSS0.00184EPSS
Exploits0References1
patchstack
patchstack
added 2025/09/08 12:0 a.m.3 views

WordPress Adrena Theme <= 1.2.13 is vulnerable to Local File Inclusion

Software Adrena Type Theme Vulnerable versions = 1.2.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID fee2bf7593ad Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

8.1CVSS7.7AI score0.00519EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder