5 matches found
CVE-2026-57690
The CVE-2026-57690 entry documents an unauthenticated Cross Site Request Forgery (CSRF) in the WordPress Werkstatt theme versions ≤ 4.7.2. The vulnerability affects the Werkstatt theme (WordPress plugin/theme) and is described as CSRF without details on exploit vectors beyond unauthenticated acce...
WordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...
WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Werkstatt versions = 4.7.2...
CVE-2025-69314
CVE-2025-69314 describes a PHP Local File Inclusion in the WordPress theme Werkstatt (fuelthemes) exploitable via improper control of the filename used by include/require. Affected: Werkstatt versions before 4.8.3 (i.e.,
WordPress Werkstatt theme < 4.8.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Werkstatt versions 4.8.3...