11 matches found
CVE-2026-28098
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...
CVE-2026-28098 WordPress Save Life theme <= 1.2.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...
CVE-2026-28079
CVE-2026-28079: Local File Inclusion in the WordPress Conquerors theme (versions <= 1.2.13) due to Improper Control of Filename for Include/Require statements in PHP. Impact is Local File Inclusion with HIGH severity (CVSS 3.1: 8.1) and network attack vector, no user interaction required. Affe...
CVE-2026-28079 WordPress Conquerors theme <= 1.2.13 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Conquerors conquerors allows PHP Local File Inclusion.This issue affects Conquerors: from n/a through = 1.2.13...
CVE-2025-62890
Cross-Site Request Forgery CSRF vulnerability in Premmerce Premmerce Brands for WooCommerce premmerce-woocommerce-brands allows Cross Site Request Forgery.This issue affects Premmerce Brands for WooCommerce: from n/a through = 1.2.13...
CVE-2025-62890
CVE-2025-62890 is a CSRF vulnerability in the WordPress plugin Premmerce Brands for WooCommerce (versions n/a through 1.2.13). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) yields a base score of 4.3 (Medium). The Red Hat and NVD entries corroborate that the issue concerns Cross-Site ...
CVE-2025-62070
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through = 1.2.13...
EUVD-2025-35368
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through = 1.2.13...
CVE-2025-62070
CVE-2025-62070: WordPress WowRevenue plugin
CVE-2025-62070 WordPress WowRevenue plugin <= 1.2.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through = 1.2.13...
WordPress Adrena Theme <= 1.2.13 is vulnerable to Local File Inclusion
Software Adrena Type Theme Vulnerable versions = 1.2.13 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID fee2bf7593ad Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...