EUVD-2025-17481

Malicious code in bioql PyPI...

WordPress CraftXtore plugin file inclusion vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress CraftXtore plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...

CVE-2025-24770

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

CVE-2025-24770

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

CVE-2025-24770

CVE-2025-24770 corresponds to a PHP Local File Inclusion in CraftXtore (WordPress theme) via improper filename handling in include/require. Affects CraftXtore

CVE-2025-24770 WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

CVE-2025-24770 WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue affects CraftXtore: from n/a through = 1.7...

WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Phat RiO - BlueRock in WordPress Theme CraftXtore versions = 1.7...

WordPress CraftXtore Theme <= 1.7 is vulnerable to Local File Inclusion

Software CraftXtore Type Theme Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-24770 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID db65eb0ec141 Credits Phat RiO - BlueRock Required privilege...

PT-2025-24465 · Bzotheme · Bzotheme Craftxtore

Name of the Vulnerable Software and Affected Versions: BZOTheme CraftXtore versions n/a through 1.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

WordPress plugin CraftXtore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in the WordPress CraftXtore plugin that stems from not doing effective filtering of local file resource calls, which can be exploited by an...