Lucene search
K

26 matches found

NVD
NVD
added yesterday5 views

CVE-2026-27419

Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...

9.9CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-27419

CVE-2026-27419 affects WordPress Zegen theme versions

9.9CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday13 views

CVE-2026-27419 WordPress Zegen theme <= 1.1.9 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Zegen = 1.1.9 versions...

9.9CVSS
Exploits0References1
NVD
NVD
added 2025/11/21 9:15 p.m.8 views

CVE-2025-11087

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...

8.8CVSS0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/21 8:29 p.m.14 views

CVE-2025-11087 Zegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...

8.8CVSS0.00211EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/21 8:29 p.m.6 views

EUVD-2025-198511

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...

8.8CVSS6.6AI score0.00211EPSS
Exploits0References3
CVE
CVE
added 2025/11/21 8:29 p.m.22 views

CVE-2025-11087

CVE-2025-11087 (Zegen Core, WordPress) : Zegen Core plugin

8.8CVSS6.7AI score0.00211EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/21 8:29 p.m.9 views

CVE-2025-11087 Zegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload

The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.0.1. This is due to missing nonce validation and missing file type validation in the '/custom-font-code/custom-fonts-uploads.php' file. This makes it possib...

8.8CVSS6.7AI score0.00211EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/11/21 8:28 a.m.10 views

WordPress Zegen Core plugin <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload vulnerability

Cross-Site Request Forgery to Arbitrary File Upload vulnerability discovered by István Márton - Wordfence in WordPress Plugin Zegen Core versions = 2.0.1...

8.8CVSS7AI score0.00211EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.4 views

PT-2025-47802

Name of the Vulnerable Software and Affected Versions Zegen Core versions prior to 2.0.1 Description The Zegen Core plugin for WordPress is susceptible to a Cross-Site Request Forgery CSRF issue leading to Arbitrary File Upload. This is caused by a lack of nonce validation and file type validatio...

8.8CVSS7.8AI score0.00211EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.5 views

WordPress plugin Zegen Core 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

8.8CVSS7.7AI score0.00211EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/07 5:32 p.m.3 views

CVE-2025-53252

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

7.5CVSS7.1AI score0.00405EPSS
Exploits0References1
NVD
NVD
added 2025/11/06 4:15 p.m.3 views

CVE-2025-53252

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

7.5CVSS0.00405EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 3:54 p.m.1 views

CVE-2025-53252 WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

7.5CVSS6.7AI score0.00405EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 3:54 p.m.9 views

CVE-2025-53252

CVE-2025-53252 concerns WordPress Zegen Theme

7.5CVSS6.7AI score0.00405EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 3:54 p.m.8 views

CVE-2025-53252 WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

7.5CVSS0.00405EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 3:54 p.m.4 views

EUVD-2025-37998

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

6.6AI score0.00405EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.3 views

WordPress plugin Zegen 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.5CVSS6.7AI score0.00405EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.3 views

PT-2025-45223

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Zegen zegen allows PHP Local File Inclusion.This issue affects Zegen: from n/a through = 1.1.9...

7.1AI score0.00405EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/06/24 11:20 a.m.6 views

WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Bonds in WordPress Theme Zegen versions = 1.1.9...

9.8CVSS6.9AI score0.00405EPSS
Exploits0Affected Software1
Rows per page
Query Builder