WordPress plugin GlamChic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Monki 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin EasyEat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-68061 WordPress EduMall theme <= 4.4.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove EduMall edumall allows PHP Local File Inclusion.This issue affects EduMall: from n/a through = 4.4.7...

CVE-2025-62014

The CVE-2025-62014 entry documents a Local File Inclusion vulnerability in the WordPress ITok theme (WordPress plugin) versions up to and including 1.1.42. The issue is described as improper control of the filename for include/require statements in PHP, enabling PHP Remote File Inclusion under th...

PT-2025-44615

Name of the Vulnerable Software and Affected Versions StylemixThemes Masterstudy versions prior to 4.8.126 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the...

PT-2025-43199

Name of the Vulnerable Software and Affected Versions xtemos WoodMart versions prior to 8.3.2 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local file...

CVE-2025-49036

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in octagonwebstudio Premium Addons for KingComposer premium-addons-for-kingcomposer allows PHP Local File Inclusion.This issue affects Premium Addons for KingComposer: from n/a...

WordPress plugin RT-Theme 18 | Extensions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin Samex - Clean, Minimal Shop WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Aora 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file inclusion vulnerability exists in WordPress Aora plugin, which stems from improper control of filenames for include or demand statements, and can be exploited by an...

WordPress plugin Nika 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Tourmaster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Motors 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-35342 · Webbytemplate · Webbytemplate Office Locator

Name of the Vulnerable Software and Affected Versions: webbytemplate Office Locator versions 1.3.0 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion'. This vulnerability affects the...

CVE-2022-0320

The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead ...

Adding Some Salt to Our Network – Part 2

How our configuration management actually works Following a previous post which explained why we needed a configuration management system, this post explores how we built and implemented our configuration management using SaltStack. It describes the structure of our configuration and the toolset ...

DSA-1806-1 cscope - arbitrary code execution

Bulletin has no description...

DSA-1064-1 cscope - buffer overflows

Bulletin has no description...