WordPress Oxpitan Theme <= 1.3.1 is vulnerable to Local File Inclusion

Software Oxpitan Type Theme Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-32294 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 95fea536d9dc Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress KiotViet Sync Plugin <= 1.8.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Le Ngoc Anh in WordPress Plugin KiotViet Sync versions = 1.8.4...