CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE•added 2026/03/05 5:53 a.m.•5 views

CVE-2026-22389

CVE-2026-22389 describes an unauthorized Local File Inclusion (LFI) vulnerability in the WordPress theme Mikado-Themes Cocco cocco (versions up to and including 1.5.1). The issue arises from improper control of filenames used in PHP include/require statements, effectively enabling an attacker to ...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•28 views

CVE-2026-22389 WordPress Cocco theme <= 2.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Cocco cocco allows PHP Local File Inclusion.This issue affects Cocco: from n/a through = 2.0...

8.1CVSS0.00172EPSS

Exploits0References1

Vulnrichment•added 2026/03/05 5:53 a.m.•0 views

CVE-2026-22389 WordPress Cocco theme <= 2.0 - Local File Inclusion vulnerability

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Patchstack•added 2026/02/25 8:24 a.m.•3 views

WordPress Cocco theme <= 1.5.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cocco versions = 1.5.1...

8.1CVSS5.9AI score0.00172EPSS

Exploits0Affected Software1

Cvelist•added 2026/01/22 4:52 p.m.•16 views

CVE-2026-22391 WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...

5.4CVSS0.00069EPSS

Exploits0References1

Vulnrichment•added 2026/01/22 4:52 p.m.•1 views

CVE-2026-22391 WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability

5.4CVSS5.9AI score0.00069EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•9 views

CVE-2026-22391

CVE-2026-22391 is an authorization bypass (IDOR) affecting the WordPress plugin/theme Mikado-Themes Cocco cocco, specifically versions up to 1.5.1. The connected Red Hat/NVD entries repeat the description: Authorization Bypass Through User-Controlled Key due to incorrectly configured access contr...

5.4CVSS5.4AI score0.00069EPSS

Exploits0References1

Patchstack•added 2026/01/01 2:18 p.m.•5 views

WordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cocco versions = 1.5.1...

5.4CVSS7AI score0.00069EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by