CVE-2025-68539

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through = 1.1.35...

CVE-2025-68539

CVE-2025-68539 affects the WordPress theme Fana (thembay) up to version 1.1.35, with an Unauthenticated Local File Inclusion due to improper control of include/require filenames. Public sources (NVD/Red Hat/Patchstack/Wordfence) enumerate Fana

CVE-2025-68539 WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through = 1.1.35...

CVE-2025-68539 WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through = 1.1.35...

PT-2026-21093

Name of the Vulnerable Software and Affected Versions thembay Fana versions through 1.1.35 Description An issue exists in thembay Fana related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion. This allows for potential unauthorized access or...

WordPress plugin Fana 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Fana versions = 1.1.35...

WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Fana versions = 1.1.35...

WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Software : Fana Type : Theme Vulnerable versions : = 1.1.35 Fixed in : 1.1.36 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-68540 Patchstack priority : Low CVSS severity : 7.5 Required privilege : Contributor Developer : Claim ownership PSID : 1370613da8d7...

EUVD-2025-205187

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through = 1.1.35...

CVE-2025-68540 WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through = 1.1.35...

CVE-2025-68540 WordPress Fana theme <= 1.1.35 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through = 1.1.35...

CVE-2025-68540

CVE-2025-68540 affects the WordPress theme Fana (Fashion Shop Theme). It is an authenticated local file inclusion via improper control of filenames in PHP include/require, impacting Fana versions up to 1.1.35. Wordfence reports this CVE as mitigated/patched in a later release (patch available in ...

PT-2025-53100

Name of the Vulnerable Software and Affected Versions thembay Fana versions through 1.1.35 Description An improper control of filename for include/require statement exists in thembay Fana, potentially allowing PHP Local File Inclusion. The issue is related to PHP Remote File Inclusion...

WordPress plugin Fana 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Malicious code in buta-fana-sadofa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074bb0fe743414d08d7d9e6605a846e576c930bd565f47ee356d21e71c5422ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-142938

Malicious code in buta-fana-safa npm...

EUVD-2025-142945

Malicious code in buta-fana-sadofa npm...

Malicious code in buta-fana-sadofagaina (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c57aafb95f867eebafbab362f72d6ec94bb051e8d06a3d4762dbb18004ff0680 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-142943

Malicious code in buta-fana-sadofagaa npm...