CVE-2025-26748 WordPress Arkhe theme <= 3.12.0 - CSRF to Local File Inclusion vulnerability

Cross-Site Request Forgery CSRF vulnerability in looswebstudio Arkhe arkhe allows PHP Local File Inclusion.This issue affects Arkhe: from n/a through = 3.12.0...

WordPress Arkhe theme <= 3.12.0 - CSRF to Local File Inclusion vulnerability

CSRF to Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Theme Arkhe versions = 3.12.0...

WordPress Arkhe Theme <= 3.12.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Arkhe Type Theme Vulnerable versions = 3.12.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2025-26748 Patch priority Low CVSS severity Low 8.1 Developer Claim ownership PSID a6776a4c31ac Credits Dimas Maulana Required privileg...

WordPress Arkhe Blocks plugin <= 2.23.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Arkhe Blocks versions = 2.23.0...