Lucene search
K

27 matches found

NVD
NVD
added 2026/06/10 3:16 p.m.21 views

CVE-2026-8335

A missing authentication check on the Aix‑DB "/llm/processllmout" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data, as the endpoint lacks the token validation enforced on all other application endpoints. All releases up to 1.2.4 are...

7.1CVSS0.00195EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 6:16 a.m.4 views

CVE-2026-28010

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Scientia scientia allows PHP Local File Inclusion.This issue affects Scientia: from n/a through = 1.2.4...

8.1CVSS0.00403EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:54 a.m.12 views

CVE-2026-28089

CVE-2026-28089 is a reported Local File Inclusion in the WordPress theme Daiquiri (ThemeREX) up to version 1.2.4. The issue arises from improper control of filenames used in PHP include/require statements, enabling potential LFI. The description across sources confirms affected software (Daiquiri

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/02 11:37 a.m.3 views

WordPress Tediss theme <= 1.2.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Tediss versions = 1.2.4...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/27 7:52 a.m.5 views

WordPress Daiquiri theme <= 1.2.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Daiquiri versions = 1.2.4...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/02/25 12:28 p.m.4 views

WordPress Consultor | Consulting, Accounting & Legal Counsel WordPress Theme theme <= 1.2.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Consultor | Consulting, Accounting & Legal Counsel WordPress Theme versions = 1.2.4...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/02/20 4:22 p.m.6 views

CVE-2025-69393

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through = 1.2.4...

7.5CVSS0.00293EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.24 views

CVE-2025-69393 WordPress Exzo theme <= 1.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through = 1.2.4...

7.5CVSS0.00293EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.3 views

CVE-2025-68896

Missing Authorization vulnerability in vrpr WDV One Page Docs wdv-one-page-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WDV One Page Docs: from n/a through = 1.2.4...

6.5CVSS0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4099

Name of the Vulnerable Software and Affected Versions WDV One Page Docs versions through 1.2.4 Description An authorization issue exists in vrpr WDV One Page Docs, specifically related to incorrectly configured access control security levels. This allows for unauthorized access. Recommendations...

5.2AI score0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/29 9:30 a.m.4 views

EUVD-2025-36620

Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets masterstudy-elementor-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masterstudy Elementor Widgets: from n/a through = 1.2.4...

5.3CVSS6.5AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/29 9:30 a.m.5 views

EUVD-2025-36621

Missing Authorization vulnerability in StylemixThemes Masterstudy Elementor Widgets masterstudy-elementor-widgets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Masterstudy Elementor Widgets: from n/a through = 1.2.4...

5.4CVSS6.5AI score0.0016EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/23 3:13 p.m.5 views

CVE-2025-53350

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through = 1.2.4...

7.1CVSS6.4AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.5 views

EUVD-2025-35393

Deserialization of Untrusted Data vulnerability in acowebs Product Table For WooCommerce product-table-for-woocommerce.This issue affects Product Table For WooCommerce: from n/a through = 1.2.4...

6.5AI score0.00472EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 3:16 p.m.14 views

CVE-2025-62008

Deserialization of Untrusted Data vulnerability in acowebs Product Table For WooCommerce product-table-for-woocommerce.This issue affects Product Table For WooCommerce: from n/a through = 1.2.4...

8.8CVSS0.00472EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/24 6:31 p.m.5 views

CVE-2025-58681

Missing Authorization vulnerability in Jürgen Müller Easy Quotes easy-quotes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Quotes: from n/a through = 1.2.4...

5.3CVSS5.9AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/23 12:0 a.m.8 views

PT-2025-34509 · WordPress · Ni Woocommerce Customer Product Report

Name of the Vulnerable Software and Affected Versions: Ni WooCommerce Customer Product Report plugin for WordPress versions up to and including 1.2.4 Description: The Ni WooCommerce Customer Product Report plugin for WordPress is susceptible to unauthorized data modification. This is due to a...

4.3CVSS6.5AI score0.00188EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/08/21 12:28 p.m.4 views

WordPress Magazine Elite Theme <= 1.2.4 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Le Ngoc Anh in WordPress Theme Magazine Elite versions = 1.2.4...

8.1CVSS6.9AI score0.00404EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/03 4:14 p.m.5 views

CVE-2025-31818

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ContentBot.ai ContentBot AI Writer content-bot allows Stored XSS.This issue affects ContentBot AI Writer: from n/a through = 1.2.4...

6.5CVSS7.2AI score0.00252EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/21 12:0 a.m.5 views

WordPress MyTicket Events plugin <= 1.2.4 - Non-Arbitrary File Read vulnerability

Non-Arbitrary File Read vulnerability discovered by Anhchangmutrang in WordPress Plugin MyTicket Events versions = 1.2.4...

5.3CVSS7AI score0.004EPSS
Exploits0Affected Software1
Rows per page
Query Builder