CVE-2025-11704

The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the 'elegance-menu' attribute of the elegance-menu shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...

CVE-2025-11704

The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the 'elegance-menu' attribute of the elegance-menu shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...

WordPress Elegance Menu plugin <= 1.9 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by zaim in WordPress Plugin Elegance Menu versions = 1.9...

CVE-2025-11704 Elegance Menu <= 1.9 - Authenticated (Contributor+) Local File Inclusion

The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the 'elegance-menu' attribute of the elegance-menu shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...

CVE-2025-11704 Elegance Menu <= 1.9 - Authenticated (Contributor+) Local File Inclusion

The Elegance Menu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the 'elegance-menu' attribute of the elegance-menu shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and...

CVE-2025-11704

CVE-2025-11704 — Elegance Menu (WordPress) Local File Inclusion is supported by multiple sources (Wordfence, Patchstack, CVE records) to affect the Elegance Menu plugin for WordPress up to version 1.9. The vulnerability enables an authenticated attacker with Contributor-level access or higher to ...

WordPress plugin Elegance Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-44935

Name of the Vulnerable Software and Affected Versions Elegance Menu versions prior to 2.0 Description The Elegance Menu plugin for WordPress is susceptible to Local File Inclusion in versions up to and including 1.9. An authenticated attacker with Contributor-level access or higher can exploit th...

elegance-limousine-service.fr Cross Site Scripting vulnerability OBB-3862717

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

When You Should Blog and When You Should Tweet

I saw my like-minded, friend-that-I've-never-met Andrew Thompson Tweet a poll, posted above. I was about to reply with the following Tweet: "If I'm struggling to figure out how to capture a thought in just 1 Tweet, that's a sign that a blog post might be appropriate. I only use a thread, and no...

Wordpress Theme Elegance /dl-skin.php 任意文件下载漏洞

No description provided by source...

Wordpress Theme Elegance Arbitrary File Download Vulnerability

This exploit allows attacker to download any writable file from the server Usage Info Put the path of the file in the file's field of the exploit ,then click "Download" button then you get the file directly Title : Wordpress Theme Elegance Arbitrary File Download Vulnerability Author : Aloulou Da...

WordPress Theme Elegance - &#039;/elegance/lib/scripts/dl-skin.php&#039; Local File Disclosure

source: https://www.securityfocus.com/bid/67935/info The Elegance theme for WordPress is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information fr...

WordPress Theme Elegance - elegancelibscriptsdl-skin.php Local File Disclosure

WordPress Theme Elegance - elegancelibscriptsdl-skin.php Local File Disclosure source: https://www.securityfocus.com/bid/67935/info The Elegance theme for WordPress is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this...

WordPress Elegance Theme - Local File Disclosure

Elegance theme's "elegance/lib/scripts/dl-skin.php" is prone to a local file disclosure vulnerability. It allows an attacker to get potentially sensitive information from local files on computers running the vulnerable application. Solution Upgrade the theme...

WordPress Elegance Local File Disclosure

Post Local File Disclosure in wordpress theme Elegance + Date: 07/06/2014 + CWE Number: CWE-98 + Risk: High + Author: Felipe Andrian Peixoto + Dork:inurl:"/wp-content/themes/elegance/" + Vendor Homepage: http://www.elegantthemes.com/ + Contact: [email protected] + Tested on: Windows 7 and...

Unfixed XSS vulnerability at elegance-saint-cloud.fr

Security researcher syltrox, has submitted on 19/10/2008 a cross-site-scripting XSS vulnerability affecting elegance-saint-cloud.fr, which at the time of submission ranked 11549098 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/09/2009. It ...