Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/29 12:6 p.m.7 views

CVE-2025-24760

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects Sofass: from n/a through = 1.3.4...

8.1CVSS5.9AI score0.00489EPSS
Exploits0References1
NVD
NVD
added 2025/06/27 12:15 p.m.5 views

CVE-2025-24760

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects Sofass: from n/a through = 1.3.4...

8.1CVSS0.00489EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 11:52 a.m.20 views

CVE-2025-24760

CVE-2025-24760 affects the WordPress theme Sofass (Sofass: <= 1.3.4). Described as an unauthenticated Local File Inclusion via Improper Control of Filename for Include/Require, i.e., PHP Remote File Inclusion. CVSS v3.1 base score 8.1 (HIGH) with network attack vector, high impact on confident...

8.1CVSS5.9AI score0.00489EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/27 11:52 a.m.3 views

CVE-2025-24760 WordPress Sofass theme <= 1.3.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects Sofass: from n/a through = 1.3.4...

8.1CVSS5.3AI score0.00489EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 11:52 a.m.14 views

CVE-2025-24760 WordPress Sofass theme <= 1.3.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects Sofass: from n/a through = 1.3.4...

8.1CVSS0.00489EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/23 12:0 a.m.10 views

WordPress Sofass Theme <= 1.3.4 is vulnerable to Local File Inclusion

Software Sofass Type Theme Vulnerable versions = 1.3.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-24760 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 97dd93e076df Credits Phat RiO - BlueRock Required privilege Unauthenticat...

7.2AI score0.00489EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder