7 matches found
CVE-2026-40726
Unauthenticated Broken Access Control in User Registration Stripe = 1.3.14 versions...
CVE-2026-39708
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from n/a through = 1.3.14...
CVE-2025-68536
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...
WordPress Zota theme <= 1.3.14 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Zota versions = 1.3.14...
CVE-2025-68537 WordPress Zota theme <= 1.3.14 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...
CVE-2025-68537
CVE-2025-68537 is a WordPress theme vulnerability in Zota (Them ebeez theme family) where an authenticated attacker (Contributor+) can trigger Local File Inclusion via the Include/Require handling in PHP. Affected versions: Zota up to 1.3.14. The issue has a high impact profile (CVE‑2015‑68537, C...
CVE-2025-68537 WordPress Zota theme <= 1.3.14 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Zota zota allows PHP Local File Inclusion.This issue affects Zota: from n/a through = 1.3.14...