Lucene search
K

36 matches found

NVD
NVD
added yesterday4 views

CVE-2026-57690

Unauthenticated Cross Site Request Forgery CSRF in Werkstatt = 4.7.2 versions...

4.3CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57689

Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...

4.3CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-27414

Contributor PHP Object Injection in Werkstatt = 4.8.3 versions...

8.8CVSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57690

The CVE-2026-57690 entry documents an unauthenticated Cross Site Request Forgery (CSRF) in the WordPress Werkstatt theme versions ≤ 4.7.2. The vulnerability affects the Werkstatt theme (WordPress plugin/theme) and is described as CSRF without details on exploit vectors beyond unauthenticated acce...

4.3CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-57690 WordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF in Werkstatt = 4.7.2 versions...

4.3CVSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-57689

The CVE-2026-57689 entry concerns the WordPress Werkstatt theme (versions up to 4.7.2) with a Broken Access Control flaw. Affected component: Werkstatt WordPress theme; root cause: broken access control mechanisms in version &lt;= 4.7.2. Impact: unauthorized access to restricted functionality, as...

4.3CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-57689 WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability

Subscriber Broken Access Control in Werkstatt = 4.7.2 versions...

4.3CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-27414 WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Werkstatt = 4.8.3 versions...

8.8CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-27414

CVE-2026-27414 details (provided): WordPress Werkstatt theme

8.8CVSS5.8AI score
Exploits0References1
Patchstack
Patchstack
added 3 days ago4 views

WordPress Werkstatt theme <= 4.8.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Werkstatt versions = 4.8.3...

8.8CVSS5.8AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 4 days ago7 views

WordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...

4.3CVSS5.8AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 4 days ago7 views

WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...

4.3CVSS5.8AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.5 views

CVE-2025-69314

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...

8.1CVSS5.5AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.8 views

CVE-2025-63017

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...

7.5CVSS5.5AI score0.00515EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.4 views

CVE-2025-69314

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...

8.1CVSS0.00403EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:15 p.m.6 views

CVE-2025-63017

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...

7.5CVSS0.00515EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.11 views

CVE-2025-69314

CVE-2025-69314 describes a PHP Local File Inclusion in the WordPress theme Werkstatt (fuelthemes) exploitable via improper control of the filename used by include/require. Affected: Werkstatt versions before 4.8.3 (i.e.,

8.1CVSS5.5AI score0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2025-69314 WordPress Werkstatt theme < 4.8.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...

5.9AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.17 views

CVE-2025-69314 WordPress Werkstatt theme < 4.8.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes Werkstatt werkstatt allows PHP Local File Inclusion.This issue affects Werkstatt: from n/a through 4.8.3...

8.1CVSS0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.2 views

CVE-2025-63017 WordPress WerkStatt plugin plugin <= 1.6.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...

7.5CVSS5.3AI score0.00515EPSS
Exploits0References1
Rows per page
Query Builder