5 matches found
CVE-2025-39360
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in everestthemes Grace Mag grace-mag allows PHP Local File Inclusion.This issue affects Grace Mag: from n/a through = 1.1.5...
CVE-2025-39360
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in everestthemes Grace Mag grace-mag allows PHP Local File Inclusion.This issue affects Grace Mag: from n/a through = 1.1.5...
CVE-2025-39360
CVE-2025-39360 refers to a Local File Inclusion in the Grace Mag WordPress theme (versions 1.1.5 and earlier). The issue stems from improper control of filenames in PHP include/require logic, i.e., a PHP Remote File Inclusion that permits local file inclusion. Affected product: Grace Mag theme up...
CVE-2025-39360 WordPress Grace Mag theme <= 1.1.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in everestthemes Grace Mag grace-mag allows PHP Local File Inclusion.This issue affects Grace Mag: from n/a through = 1.1.5...
WordPress Grace Mag Theme <= 1.1.5 is vulnerable to Local File Inclusion
Software Grace Mag Type Theme Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39360 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 0975a9499751 Credits Dimas Maulana Required privilege Unauthenticated...