CVE-2026-22393

CVE-2026-22393 is an IDOR vulnerability in the WordPress Curly theme by Mikado-Themes, affecting Curly versions 3.3 and earlier. The issue enables Authorization Bypass through a user-controlled key, allowing access to resources that should be protected. The attack surface is network-attack friend...

CVE-2026-22393 WordPress Curly theme <= 3.3 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Curly: from n/a through = 3.3...

CVE-2026-22393 WordPress Curly theme <= 3.3 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Curly: from n/a through = 3.3...

CVE-2025-67936 WordPress Curly theme < 3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Curly curly allows PHP Local File Inclusion.This issue affects Curly: from n/a through 3.3...

CVE-2025-67936 WordPress Curly theme < 3.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Curly curly allows PHP Local File Inclusion.This issue affects Curly: from n/a through 3.3...

WordPress Curly theme < 3.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Curly versions 3.3...

WordPress Curly theme <= 3.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Curly versions = 3.3...