9 matches found
CVE-2025-69040
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through = 1.2.1...
CVE-2025-69040
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through = 1.2.1...
CVE-2025-69040 WordPress Bfres theme <= 1.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through = 1.2.1...
CVE-2025-69040
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through = 1.2.1...
CVE-2025-69040 WordPress Bfres theme <= 1.2.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through = 1.2.1...
CVE-2025-69040
CVE-2025-69040 affects WordPress theme/product: Bfres (goalthemes) with bfres, affected versions up to and including 1.2.1. Root cause is Improper Control of Filename for Include/Require in PHP, enabling Local File Inclusion (LFI). Red Hat and CVE/NVD entries describe Unauthenticated LFI, with im...
WordPress plugin Bfres has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-4128
Name of the Vulnerable Software and Affected Versions goalthemes Bfres versions through 1.2.1 Description The software contains a flaw related to improper control of filenames used in include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...
WordPress Bfres theme <= 1.2.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Bfres versions = 1.2.1...