83 matches found
CVE-2026-39613
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
EUVD-2026-20249
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-39613
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-39613
CVE-2026-39613 concerns a Local File Inclusion in the WordPress Boutique theme by Kutethemes (kute-boutique). All connected sources consistently describe an improper control of the filename used by PHP include/require, enabling LFI. Affected software: Boutique theme versions up to and including 2...
CVE-2026-39613
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
WordPress plugin Boutique 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-31178
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
CVE-2026-25342
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
EUVD-2026-15655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
CVE-2026-25342
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
CVE-2026-25342 WordPress Boutique theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
CVE-2026-25342
Summary: CVE-2026-25342 is a Reflected Cross-Site Scripting (XSS) vulnerability in kutethemes’ Boutique (kute-boutique) WordPress theme, affecting versions prior to 2.4.6. Root cause: improper neutralization of input during web page generation. Impact (as described): XSS could allow malicious scr...
CVE-2026-25342 WordPress Boutique theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
WordPress plugin Boutique 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
PT-2026-27905
Name of the Vulnerable Software and Affected Versions kutethemes Boutique versions prior to 2.4.6 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a reflected cross-site scripting issue. This allows for the potential execution...
WordPress Boutique theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Boutique versions 2.4.6...
gps-boutique.com Cross Site Scripting vulnerability OBB-3907451
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
boutique-minimaliste.com Cross Site Scripting vulnerability OBB-3897930
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...