EUVD-2025-204240

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Kings & Queens kings-queens allows PHP Local File Inclusion.This issue affects Kings & Queens: from n/a through = 1.1.16...

CVE-2025-49363

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Kings & Queens kings-queens allows PHP Local File Inclusion.This issue affects Kings & Queens: from n/a through = 1.1.16...

CVE-2025-49363 WordPress Kings & Queens theme <= 1.1.16 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Kings & Queens kings-queens allows PHP Local File Inclusion.This issue affects Kings & Queens: from n/a through = 1.1.16...

CVE-2025-49363

CVE-2025-49363 concerns the WordPress Kings & Queens theme (versions up to 1.1.16). The issue is an improper control of filenames for include/require statements, enabling PHP Local File Inclusion (LFI) and related PHP Remote File Inclusion risks as described in multiple sources. The vulnerability...

PT-2025-52006

Name of the Vulnerable Software and Affected Versions AncoraThemes Kings & Queens versions through 1.1.16 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...

WordPress Translang Theme <= 1.1.16 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Translang versions = 1.1.16...

WordPress PathWell Theme <= 1.1.16 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme PathWell versions = 1.1.16...

WordPress Kings & Queens theme <= 1.1.16 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Kings & Queens versions = 1.1.16...

WordPress Maia Theme <= 1.1.15 is vulnerable to Local File Inclusion

Software Maia Type Theme Vulnerable versions = 1.1.15 Fixed in 1.1.16 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2025-49258 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 17919a5d64c7 Credits Phat RiO - BlueRock Required privilege...

CVE-2023-51837

Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation...

CVE-2023-51842

An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16...

WordPress plugin BookingPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

PT-2024-16356 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: BookingPress plugin for WordPress versions up to, and including, 1.1.16 Description: The BookingPress plugin for WordPress is vulnerable to SQL Injection via the service parameter of the bookingpress form shortcode due to insufficient escapin...

WordPress Travelpayouts Plugin <= 1.1.16 is vulnerable to Open Redirection

Software Travelpayouts Type Plugin Vulnerable versions = 1.1.16 Fixed in 1.1.17 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2024-0337 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 22ec7383525a Credits Krzysztof Zając CERT PL Required privilege...

PT-2024-14310 · Ylianst · Ylianst Meshcentral

Name of the Vulnerable Software and Affected Versions: Ylianst MeshCentral version 1.1.16 Description: The issue is related to the use of a broken or risky cryptographic algorithm. Recommendations: For Ylianst MeshCentral version 1.1.16, at the moment, there is no information about a newer versio...

MeshCentral Security Vulnerability

MeshCentral is a complete web-based remote monitoring and management site for the MeshCentral community. A security vulnerability exists in MeshCentral version 1.1.16 that stems from an issue with the use of a corrupted or risky encryption algorithm...

Ylianst MeshCentral Security Vulnerability

MeshCentral is a complete web-based remote monitoring and management site for the MeshCentral community. A security vulnerability exists in MeshCentral version 1.1.16 that stems from a missing SSL certificate validation...

PT-2024-14309 · Ylianst · Ylianst Meshcentral

Name of the Vulnerable Software and Affected Versions: Ylianst MeshCentral version 1.1.16 Description: The issue concerns missing SSL certificate validation. Recommendations: For Ylianst MeshCentral version 1.1.16, consider implementing proper SSL certificate validation to mitigate the risk of...

MeshCentral Security Vulnerability

MeshCentral is a complete web-based remote monitoring and management site for the MeshCentral community. A security vulnerability exists in MeshCentral version 1.1.16 that stems from an algorithm degradation...

WordPress plugin WP Chinese Conversion 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...