36 matches found
CVE-2026-57690
Unauthenticated Cross Site Request Forgery CSRF in Werkstatt = 4.7.2 versions...
CVE-2026-57689
Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...
CVE-2026-27414
Contributor PHP Object Injection in Werkstatt = 4.8.3 versions...
CVE-2026-57690
The CVE-2026-57690 entry documents an unauthenticated Cross Site Request Forgery (CSRF) in the WordPress Werkstatt theme versions ≤ 4.7.2. The vulnerability affects the Werkstatt theme (WordPress plugin/theme) and is described as CSRF without details on exploit vectors beyond unauthenticated acce...
CVE-2026-57690 WordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Werkstatt = 4.7.2 versions...
CVE-2026-57689
The CVE-2026-57689 entry concerns the WordPress Werkstatt theme (versions up to 4.7.2) with a Broken Access Control flaw. Affected component: Werkstatt WordPress theme; root cause: broken access control mechanisms in version <= 4.7.2. Impact: unauthorized access to restricted functionality, as...
CVE-2026-57689 WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...
CVE-2026-27414 WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability
Contributor PHP Object Injection in Werkstatt = 4.8.3 versions...
CVE-2026-27414
CVE-2026-27414 details (provided): WordPress Werkstatt theme
WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Werkstatt versions = 4.8.3...
WordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...
WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...
CVE-2025-69314
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...
CVE-2025-63017
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...
CVE-2025-69314
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...
CVE-2025-63017
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...
CVE-2025-69314
CVE-2025-69314 describes a PHP Local File Inclusion in the WordPress theme Werkstatt (fuelthemes) exploitable via improper control of the filename used by include/require. Affected: Werkstatt versions before 4.8.3 (i.e.,
CVE-2025-69314 WordPress Werkstatt theme < 4.8.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...
CVE-2025-69314 WordPress Werkstatt theme < 4.8.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...
CVE-2025-63017 WordPress WerkStatt plugin plugin <= 1.6.6 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...