EUVD-2025-17485

Malicious code in bioql PyPI...

WordPress Avaz plugin file inclusion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Avaz plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...

CVE-2025-28944

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme Avaz snsavaz allows PHP Local File Inclusion.This issue affects Avaz: from n/a through = 2.8...

CVE-2025-28944

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme Avaz snsavaz allows PHP Local File Inclusion.This issue affects Avaz: from n/a through = 2.8...

CVE-2025-28944

CVE-2025-28944 affects Avaz WordPress theme (versions n/a through 2.8). It is an Unauthenticated Local File Inclusion due to improper control of filenames for PHP Include/Require, enabling PHP LFI. CVSS v3.1 base score 8.1 (HIGH) with network attack vector, high impact on confidentiality, integri...

CVE-2025-28944 WordPress Avaz theme <= 2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme Avaz snsavaz allows PHP Local File Inclusion.This issue affects Avaz: from n/a through = 2.8...

CVE-2025-28944 WordPress Avaz theme <= 2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme Avaz snsavaz allows PHP Local File Inclusion.This issue affects Avaz: from n/a through = 2.8...

WordPress Avaz theme <= 2.8 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Avaz versions = 2.8...

WordPress Avaz Theme <= 2.8 is vulnerable to Local File Inclusion

Software Avaz Type Theme Vulnerable versions = 2.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-28944 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1dc6fdd3ef9e Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity Required...

WordPress plugin Avaz 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress Avaz plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...

PT-2025-24469 · Avaz · Avaz

Name of the Vulnerable Software and Affected Versions: Avaz versions n/a through 2.8 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion in the Avaz them...

avaz.es XSS vulnerability

Open Bug Bounty ID: OBB-230340 Description| Value ---|--- Affected Website:| avaz.es Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...