MAL-2025-40802 Malicious code in zen-slse4-avqlu-fable-project (npm)

The package zen-slse4-avqlu-fable-project was found to contain malicious code...

MAL-2025-20138 Malicious code in fable-ronu2-be0jn-jasper-project (npm)

The package fable-ronu2-be0jn-jasper-project was found to contain malicious code...

Malicious code in test-mlw2-ryals-staps-fable-ormer (npm)

The package test-mlw2-ryals-staps-fable-ormer was found to contain malicious code...

Malicious code in test-mlw2-dross-fable (npm)

The package test-mlw2-dross-fable was found to contain malicious code...

Malicious code in moondust-jdtke-5irbr-fable-project (npm)

The package moondust-jdtke-5irbr-fable-project was found to contain malicious code...

CVE-2025-46468

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPFable Fable Extra fable-extra allows PHP Local File Inclusion.This issue affects Fable Extra: from n/a through = 1.0.6...

CVE-2025-46539

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFable Fable Extra fable-extra allows Blind SQL Injection.This issue affects Fable Extra: from n/a through = 1.0.6...

CVE-2025-46539

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFable Fable Extra fable-extra allows Blind SQL Injection.This issue affects Fable Extra: from n/a through = 1.0.6...

CVE-2025-46468

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPFable Fable Extra fable-extra allows PHP Local File Inclusion.This issue affects Fable Extra: from n/a through = 1.0.6...

CVE-2025-46468 WordPress Fable Extra plugin <= 1.0.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPFable Fable Extra fable-extra allows PHP Local File Inclusion.This issue affects Fable Extra: from n/a through = 1.0.6...

CVE-2025-46468 WordPress Fable Extra plugin <= 1.0.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPFable Fable Extra fable-extra allows PHP Local File Inclusion.This issue affects Fable Extra: from n/a through = 1.0.6...

CVE-2025-46468

CVE-2025-46468 is a Local File Inclusion vulnerability in WordPress plugin Fable Extra &lt;= 1.0.6 (a WordPress plugin). The issue arises from improper control of filenames used in PHP include/require statements, enabling PHP local file inclusion. Public sources (NVD/Red Hat/ CVE records) list th...

CVE-2025-46539 WordPress Fable Extra <= 1.0.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFable Fable Extra allows Blind SQL Injection. This issue affects Fable Extra: from n/a through 1.0.6...

CVE-2025-46539

CVE-2025-46539 is an SQL injection vulnerability in WordPress plugin Fable Extra, affecting versions up to 1.0.6. The issue arises from improper neutralization of input in SQL commands, enabling blind SQL injection. Product affected: Fable Extra for WordPress (versions ≤ 1.0.6). Impact as stated:...

CVE-2025-46539 WordPress Fable Extra plugin <= 1.0.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFable Fable Extra fable-extra allows Blind SQL Injection.This issue affects Fable Extra: from n/a through = 1.0.6...

WordPress plugin Fable Extra 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-22742 · Unknown · Fable Extra

Name of the Vulnerable Software and Affected Versions: Fable Extra versions 1.0.0 through 1.0.6 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This allows for Blind SQL Injection, which can b...

PT-2025-22730 · Unknown +1 · Wpfable Fable Extra +1

Name of the Vulnerable Software and Affected Versions: WPFable Fable Extra versions 1.0.0 through 1.0.6 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...

WordPress plugin Fable Extra SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

CVE-2025-46447

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFable Fable Extra fable-extra allows DOM-Based XSS.This issue affects Fable Extra: from n/a through = 1.0.6...