5 matches found
CVE-2025-64195
CVE-2025-64195 affects the WordPress Eduma theme (Eduma) up to version 5.7.6, due to improper control of the filename in include/require statements, enabling Local File Inclusion (LFI). The issue is documented across multiple sources (NVD/Red Hat/CVE records) as Eduma 5.7.6) to mitigate the vuln...
WordPress Eduma theme <= 5.7.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Eduma versions = 5.7.6...
CVE-2025-39460 WordPress Eduma theme <= 5.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThimPress Eduma eduma allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eduma: from n/a through = 5.6.4...
CVE-2025-39460 WordPress Eduma theme <= 5.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThimPress Eduma eduma allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eduma: from n/a through = 5.6.4...
WordPress Eduma Theme <= 5.4.7 is vulnerable to Cross Site Scripting (XSS)
Software Eduma Type Theme Vulnerable versions = 5.4.7 Fixed in 5.4.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35697 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f915e1861e8 Credits Rafie Muhammad Patchstack Required privileg...