EUVD-2025-17481

Malicious code in bioql PyPI...

WordPress CraftXtore plugin file inclusion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress CraftXtore plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...

CVE-2025-24770

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

CVE-2025-24770

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

CVE-2025-24770 WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

CVE-2025-24770

CVE-2025-24770 corresponds to a PHP Local File Inclusion in CraftXtore (WordPress theme) via improper filename handling in include/require. Affects CraftXtore

CVE-2025-24770 WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Phat RiO - BlueRock in WordPress Theme CraftXtore versions = 1.7...

WordPress CraftXtore Theme <= 1.7 is vulnerable to Local File Inclusion

Software CraftXtore Type Theme Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-24770 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID db65eb0ec141 Credits Phat RiO - BlueRock Required privilege...

WordPress plugin CraftXtore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress CraftXtore plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...

PT-2025-24465 · Bzotheme · Bzotheme Craftxtore

Name of the Vulnerable Software and Affected Versions: BZOTheme CraftXtore versions n/a through 1.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...