Lucene search
+L

16 matches found

vulnrichment
vulnrichment
added 2026/03/05 5:53 a.m.3 views

CVE-2026-22434 WordPress Crown Art theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through = 1.2.11...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
cve
cve
added 2026/03/05 5:53 a.m.30 views

CVE-2026-22434

CVE-2026-22434 details a Local File Inclusion in Crown Art (AncoraThemes Crown Art) WordPress theme. Public sources confirm improper control of filename for include/require statements, leading to PHP Local File Inclusion on Crown Art versions n/a–

8.1CVSS5.9AI score0.00504EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/05 5:53 a.m.35 views

CVE-2026-22434 WordPress Crown Art theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through = 1.2.11...

8.1CVSS0.00504EPSS
Exploits0References1
patchstack
patchstack
added 2026/02/25 12:34 p.m.8 views

WordPress Crown Art theme <= 1.2.11 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Crown Art versions = 1.2.11...

8.1CVSS5.9AI score0.00504EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2025/07/18 11:54 a.m.16 views

CVE-2025-31422

Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress Theme visual-arts allows Object Injection.This issue affects Visual Art | Gallery WordPress Theme: from n/a through = 2.4...

8.8CVSS5.9AI score0.00449EPSS
Exploits0References1
cve
cve
added 2025/07/16 11:28 a.m.23 views

CVE-2025-31422

Vulnerability: CVE-2025-31422 in designthemes Visual Art | Gallery WordPress Theme (

8.8CVSS5.9AI score0.00449EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/07/16 11:28 a.m.4 views

CVE-2025-31422 WordPress Visual Art | Gallery WordPress Theme <= 2.4 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress Theme allows Object Injection. This issue affects Visual Art | Gallery WordPress Theme: from n/a through 2.4...

8.8CVSS6.5AI score0.00449EPSS
Exploits0References1
patchstack
patchstack
added 2025/07/15 11:50 a.m.6 views

WordPress Visual Art | Gallery WordPress Theme <= 2.4 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Visual Art | Gallery WordPress Theme versions = 2.4...

8.8CVSS7.2AI score0.00449EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2025/06/26 7:38 a.m.5 views

WordPress Red Art theme <= 3.8 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Cút lộn xào me in WordPress Theme Red Art versions = 3.8...

8.8CVSS7.2AI score0.00344EPSS
Exploits0Affected Software1
nvd
nvd
added 2025/06/06 6:15 a.m.9 views

CVE-2025-1778

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'artthemethemeoptionrestore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

4.3CVSS0.00194EPSS
Exploits0References2
cve
cve
added 2025/06/06 5:22 a.m.56 views

CVE-2025-1778

CVE-2025-1778 affects Art Theme (WordPress Theme). Root cause: missing capability check on the AJAX function arttheme_theme_option_restore, allowing authenticated attackers with subscriber-level access and above to delete the theme option. Affected versions: all up to and including 3.12.2.3. Reme...

4.3CVSS6.5AI score0.00194EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/06/06 5:22 a.m.4 views

CVE-2025-1778 Art Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'artthemethemeoptionrestore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

4.3CVSS6.7AI score0.00194EPSS
Exploits0References2
cvelist
cvelist
added 2025/06/06 5:22 a.m.34 views

CVE-2025-1778 Art Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'artthemethemeoptionrestore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

4.3CVSS0.00194EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/06/06 12:0 a.m.4 views

WordPress plugin Art Theme 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS4.7AI score0.00194EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/06/06 12:0 a.m.6 views

PT-2025-24014 · WordPress · The Art Theme

Name of the Vulnerable Software and Affected Versions: The Art Theme for WordPress versions up to, and including, 3.12.2.3 Description: The issue is related to unauthorized access due to a missing capability check on the 'arttheme theme option restore' AJAX function. This allows authenticated...

4.3CVSS4.3AI score0.00194EPSS
Exploits0References6
patchstack
patchstack
added 2025/06/05 7:58 p.m.11 views

WordPress Art Theme plugin <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete vulnerability

Missing Authorization to Authenticated Subscriber+ Theme Option Delete vulnerability discovered by István Márton in WordPress Plugin Art Theme versions = 3.12.2.3...

4.3CVSS6.7AI score0.00194EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder