Lucene search
K

4 matches found

NVD
NVD
added 2025/01/25 6:15 a.m.23 views

CVE-2025-0682

The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trxscreviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...

8.8CVSS0.00606EPSS
Exploits0References2
Circl
Circl
added 2025/01/25 5:31 a.m.11 views

CVE-2025-0682

creationtimestamp| type| source ---|---|--- 2025-01-25 05:31:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113887351235769010 2025-01-25 06:05:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3048 2025-01-25 07:00:19+00:00| seen|...

8.8CVSS8.7AI score0.00606EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/25 5:30 a.m.15 views

CVE-2025-0682 ThemeREX Addons <= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The ThemeREX Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.0 via the 'trxscreviews' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...

8.8CVSS9.2AI score0.00606EPSS
Exploits0References2
CVE
CVE
added 2025/01/25 5:30 a.m.84 views

CVE-2025-0682

CVE-2025-0682 (ThemeREX Addons for WordPress) is an authenticated Local File Inclusion vulnerability affecting ThemeREX Addons versions up to and including 2.33.0. An attacker with contributor-level (or higher) privileges can abuse the trx_sc_reviews shortcode’s type attribute to include and exec...

8.8CVSS8.9AI score0.00606EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder