5 matches found
CVE-2025-14359 WordPress Oshine theme < 7.3.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in brandexponents Oshine allows PHP Local File Inclusion. This issue affects Oshine: from n/a before 7.3.0...
CVE-2025-14359 WordPress Oshine theme <= 7.2.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in brandexponents Oshine oshin allows PHP Local File Inclusion.This issue affects Oshine: from n/a through = 7.2.7...
CVE-2025-58660 WordPress Oshine Core Plugin <= 1.5.5 - Broken Access Control Vulnerability
Missing Authorization vulnerability in brandexponents Oshine Core oshine-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Oshine Core: from n/a through = 1.5.5...
CVE-2024-44044 WordPress Oshine Modules plugin < 3.3.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brandexponents Oshine Modules oshine-modules allows Reflected XSS.This issue affects Oshine Modules: from n/a through 3.3.8...
VulnCheck KEV: CVE-2024-44055
A server side request forgery SSRF vulnerability is present in WordPress Oshine Modules Plugin that could allow a website to execute website requests to an arbitrary attacker-controlled domain...