31 matches found
EUVD-2026-20294
Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through = 1.2.3...
CVE-2026-39637
Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through = 1.2.3...
CVE-2026-4530 apconw Aix-DB terminology_retriever.py sql injection
A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminologyretriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been...
CVE-2026-32359 WordPress Icon List Block plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through = 1.2.3...
CVE-2026-27437
Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through = 1.2.3...
CVE-2026-27437
Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through = 1.2.3...
PT-2026-23269
Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through = 1.2.3...
CVE-2025-69037
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Pippo pippo allows PHP Local File Inclusion.This issue affects Pippo: from n/a through = 1.2.3...
WordPress JobBank plugin <= 1.2.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin JobBank versions = 1.2.3...
CVE-2023-25698
Cross-Site Request Forgery CSRF vulnerability in Studio Wombat Shoppable Images plugin = 1.2.3 versions...
WordPress Black Rider theme <= 1.2.3 - Sensitive Data Exposure vulnerability
Software : Black Rider Type : Theme Vulnerable versions : = 1.2.3 OWASP Top 10 : A3: Sensitive Data Exposure Classification : Sensitive Data Exposure CVE ID : CVE-2025-59003 Patchstack priority : Medium CVSS severity : 5.8 Required privilege : Unauthenticated Developer : Claim ownership PSID :...
WordPress Pippo theme <= 1.2.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Pippo versions = 1.2.3...
CVE-2025-58892 WordPress Tourimo theme <= 1.2.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Tourimo tourimo allows PHP Local File Inclusion.This issue affects Tourimo: from n/a through = 1.2.3...
PT-2025-52124
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through = 1.2.3...
WordPress Magazine Companion plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Magazine Companion versions = 1.2.3...
WordPress Alanzo Theme <= 1.2.3 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Alanzo versions = 1.2.3...
WordPress Callie Britt Theme <= 1.2.3 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Callie Britt versions = 1.2.3...
WordPress Callie Britt Theme <= 1.2.3 is vulnerable to Local File Inclusion
Software Callie Britt Type Theme Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 14891aeee80a Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunit...
WordPress Tourimo theme <= 1.2.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Tourimo versions = 1.2.3...
CVE-2025-49058 WordPress SoundSt SEO Search plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sound Strategies SoundSt SEO Search soundst-seo-search allows Reflected XSS.This issue affects SoundSt SEO Search: from n/a through = 1.2.3...