19 matches found
CVE-2025-5804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through 1.0.4...
EUVD-2025-209401
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...
CVE-2025-5804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through 1.0.4...
CVE-2025-5804 WordPress Case Theme User < 1.0.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a through 1.0.4...
CVE-2025-5804 WordPress Case Theme User < 1.0.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...
CVE-2025-5804
CVE-2025-5804 affects the WordPress plugin Case Theme User (versions before 1.0.4). The issue is an Unauthenticated Local File Inclusion due to Improper Control of Filename for Include/Require Statement in PHP, enabling LFI in Case Theme User prior to 1.0.4. Public references from Patchstack/Word...
PT-2026-31913
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4...
WordPress plugin Case Theme User 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
EUVD-2025-25634
Malicious code in bioql PyPI...
Attackers Actively Exploiting Critical Vulnerability in Case Theme User Plugin
📢 Calling all Vulnerability Researchers and Bug Bounty Hunters!📢 🚀 Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,2...
CVE-2025-5821
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging in a user with the data that was previously verified through the facebookajaxlogincallback function. This makes it possible f...
CVE-2025-5821
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging in a user with the data that was previously verified through the facebookajaxlogincallback function. This makes it possible f...
CVE-2025-5821 Case Theme User <= 1.0.3 - Authentication Bypass via Social Login
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging in a user with the data that was previously verified through the facebookajaxlogincallback function. This makes it possible f...
CVE-2025-5821
The CVE-2025-5821 case concerns the WordPress plugin Case Theme User (versions up to 1.0.3). The vulnerability is an Authentication Bypass caused by improper login handling in the facebook_ajax_login_callback() pathway, enabling unauthenticated attackers who have an existing site account and acce...
CVE-2025-5821 Case Theme User <= 1.0.3 - Authentication Bypass via Social Login
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging in a user with the data that was previously verified through the facebookajaxlogincallback function. This makes it possible f...
WordPress plugin Case Theme User security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2025-34523
Name of the Vulnerable Software and Affected Versions: Case Theme User plugin for WordPress versions prior to 1.0.4 Description: The Case Theme User plugin for WordPress is susceptible to an authentication bypass. This issue stems from the plugin's failure to correctly log in a user with data...
WordPress Case Theme User plugin <= 1.0.3 - Authentication Bypass via Social Login vulnerability
Authentication Bypass via Social Login vulnerability discovered by Foxyyy in WordPress Plugin Case Theme User versions = 1.0.3...
VulnCheck KEV: CVE-2025-5821
The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging in a user with the data that was previously verified through the facebookajaxlogincallback function. This makes it possible f...