EUVD-2025-9853

Malicious code in bioql PyPI...

CVE-2025-10143

The Catch Dark Mode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0 via the 'catchdarkmode' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on t...

WordPress Catch Dark Mode plugin file inclusion vulnerability

WordPress Catch Dark Mode plugin is an official plugin for enabling dark mode in WordPress websites, offering a wide range of customization options and pre-built theme solutions. The WordPress Catch Dark Mode plugin suffers from a file inclusion vulnerability that stems from a local file inclusio...

CVE-2025-10143

The Catch Dark Mode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0 via the 'catchdarkmode' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on t...

CVE-2025-10143

CVE-2025-10143 affects the WordPress plugin Catch Dark Mode. All versions up to and including 2.0 are vulnerable to Local File Inclusion via the catch_dark_mode shortcode, allowing authenticated users with Contributor-level access or higher to include and execute arbitrary PHP files on the server...

CVE-2025-32154

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Catch Themes Catch Dark Mode catch-dark-mode allows PHP Local File Inclusion.This issue affects Catch Dark Mode: from n/a through = 2.0.1...

CVE-2025-32154

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Catch Themes Catch Dark Mode catch-dark-mode allows PHP Local File Inclusion.This issue affects Catch Dark Mode: from n/a through = 2.0.1...

CVE-2025-32154

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Catch Themes Catch Dark Mode allows PHP Local File Inclusion. This issue affects Catch Dark Mode: from n/a through 1.2.1...

CVE-2025-32154 WordPress Catch Dark Mode plugin <= 2.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Catch Themes Catch Dark Mode catch-dark-mode allows PHP Local File Inclusion.This issue affects Catch Dark Mode: from n/a through = 2.0.1...

CVE-2025-32154

CVE-2025-32154 affects Catch Dark Mode (WordPress plugin) and is an Authenticated Local File Inclusion via improper filename control in PHP include/require. Affected version range is Catch Dark Mode up to 1.2.1. The vulnerability is documented with a high impact (C, I, A) and a network attack vec...

CVE-2025-32154 WordPress Catch Dark Mode plugin <= 2.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Catch Themes Catch Dark Mode catch-dark-mode allows PHP Local File Inclusion.This issue affects Catch Dark Mode: from n/a through = 2.0.1...