CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-27827

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00547EPSS

Exploits0References1

RedhatCVE•added 2025/05/25 1:19 p.m.•3 views

CVE-2025-32309

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Healsoul healsoul allows PHP Local File Inclusion.This issue affects Healsoul: from n/a through = 2.2.3...

8.1CVSS7.2AI score0.00547EPSS

Exploits0References1

NVD•added 2025/05/23 1:15 p.m.•3 views

CVE-2025-32309

8.1CVSS0.00547EPSS

Exploits0References1

OSV•added 2025/05/23 1:15 p.m.•2 views

CVE-2025-32309

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Healsoul allows PHP Local File Inclusion. This issue affects Healsoul: from n/a through 2.0.2...

8.1CVSS5.8AI score0.00547EPSS

Exploits0References1

Cvelist•added 2025/05/23 12:43 p.m.•11 views

CVE-2025-32309 WordPress Healsoul theme <= 2.2.3 - Local File Inclusion Vulnerability

8.1CVSS0.00547EPSS

Exploits0References1

Vulnrichment•added 2025/05/23 12:43 p.m.•5 views

CVE-2025-32309 WordPress Healsoul <= 2.0.2 - Local File Inclusion Vulnerability

8.1CVSS8.3AI score0.00547EPSS

Exploits0References1

CVE•added 2025/05/23 12:43 p.m.•36 views

CVE-2025-32309

CVE-2025-32309 affects ThemeMove Healsoul WordPress theme, specifically versions n/a through 2.0.2. The issue is an improper control of filename for include/require in PHP, enabling Local File Inclusion (LFI) and, per sources, unauthenticated access. The CVSS base metrics indicate a high-severity...

8.1CVSS7.2AI score0.00547EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/05/23 12:0 a.m.•0 views

WordPress plugin Healsoul 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.1CVSS7.8AI score0.00547EPSS

Exploits0References2

Positive Technologies•added 2025/05/23 12:0 a.m.•2 views

PT-2025-22698 · Thememove · Thememove Healsoul

Name of the Vulnerable Software and Affected Versions: ThemeMove Healsoul versions n/a through 2.0.2 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local Fi...

8.1CVSS8AI score0.00547EPSS

Exploits0References3