80 matches found
WordPress Jannah Theme <5.4.4 - Cross-Site Scripting
WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the options JSON parameter in its tiegetuserweather AJAX action before outputting it back in the page. id: CVE-2021-24364 info: name: WordPress Jannah Theme 5.4.4 - Cross-Sit...
CVE-2026-25464
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...
EUVD-2026-15748
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.3...
CVE-2026-25464
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...
CVE-2026-25464 WordPress Jannah theme <= 7.6.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...
CVE-2026-25464 WordPress Jannah theme <= 7.6.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...
CVE-2026-25464
CVE-2026-25464 affects the WordPress plugin Jannah (Jannah – Newspaper Magazine News BuddyPress AMP). The Wordfence and NVD entries describe an "Imporper Control of Filename for Include/Require Statement" vulnerability that enables PHP Local File Inclusion via manipulated include/require targets....
WordPress plugin Jannah 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-27958
Name of the Vulnerable Software and Affected Versions TieLabs Jannah versions through 7.6.3 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local PHP files...
WordPress Jannah theme <= 7.6.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Jannah versions = 7.6.3...
CVE-2025-64206
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64205
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64207
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...
EUVD-2025-204083
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...
EUVD-2025-204084
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64206
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64207
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64205
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.0...
CVE-2025-64205
CVE-2025-64205 affects WordPress Jannah theme versions up to and including 7.6.0. The issue is an improper control of filename for include/require, enabling PHP Local File Inclusion (LFI). The CVSS 3.1 base score is 8.2 (HIGH) with network attack vector, low attack complexity, no privileges requi...
EUVD-2025-204085
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.0...