6 matches found
CVE-2026-32434 WordPress VW Fitness theme <= 4.3.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in vowelweb VW Fitness vw-fitness allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Fitness: from n/a through = 4.3.4...
CVE-2026-27342
CVE-2026-27342 : Local File Inclusion in Mikado-Themes TopFit - Fitness and Gym WordPress Theme (TopFit) up to and including 1.9. The issue is caused by improper control of filenames for include/require statements in a PHP program, enabling PHP Local File Inclusion. Connected sources (Red Hat CVE...
WordPress VW Fitness theme <= 4.3.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW Fitness versions = 4.3.4...
WordPress TopFit - Fitness and Gym WordPress Theme theme <= 1.9 - Local File Inclusion vulnerability
WordPress TopFit - Fitness and Gym WordPress Theme theme = 1.9 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme TopFit - Fitness and Gym WordPress Theme versions = 1.9...
CVE-2026-25394
CVE-2026-25394 describes a Missing Authorization / Broken Access Control in the WordPress Fitness FSE theme (versions ≤ 1.0.6). The vulnerability arises from incorrectly configured access control security levels, and affects Fitness FSE from n/a to 1.0.6. The connected sources (NVD, Red Hat, CVE ...
CVE-2026-25394 WordPress Fitness FSE theme <= 1.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in sparklewpthemes Fitness FSE fitness-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fitness FSE: from n/a through = 1.0.6...