CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

80 matches found

WordPress Jannah Theme <5.4.4 - Cross-Site Scripting

WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the options JSON parameter in its tiegetuserweather AJAX action before outputting it back in the page. id: CVE-2021-24364 info: name: WordPress Jannah Theme 5.4.4 - Cross-Sit...

6.1CVSS6.2AI score0.01975EPSS

Exploits2References5

RedhatCVE•added 2026/03/26 5:5 p.m.•2 views

CVE-2026-25464

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•4 views

EUVD-2026-15748

5.8AI score0.00403EPSS

Exploits0References2

NVD•added 2026/03/25 5:16 p.m.•7 views

CVE-2026-25464

8.1CVSS0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•26 views

CVE-2026-25464 WordPress Jannah theme <= 7.6.4 - Local File Inclusion vulnerability

8.1CVSS0.00403EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•15 views

CVE-2026-25464

CVE-2026-25464 affects the WordPress plugin Jannah (Jannah – Newspaper Magazine News BuddyPress AMP). The Wordfence and NVD entries describe an "Imporper Control of Filename for Include/Require Statement" vulnerability that enables PHP Local File Inclusion via manipulated include/require targets....

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•8 views

CVE-2026-25464 WordPress Jannah theme <= 7.6.4 - Local File Inclusion vulnerability

8.1CVSS5.3AI score0.00403EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•4 views

WordPress plugin Jannah 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

Positive Technologies•added 2026/03/25 12:0 a.m.•6 views

PT-2026-27958

Name of the Vulnerable Software and Affected Versions TieLabs Jannah versions through 7.6.3 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local PHP files...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References3

Patchstack•added 2026/03/16 12:48 p.m.•7 views

WordPress Jannah theme <= 7.6.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Jannah versions = 7.6.3...

8.1CVSS5.8AI score0.00403EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/12/19 7:32 a.m.•3 views

CVE-2025-64206

Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...

9.8CVSS7AI score0.00386EPSS

Exploits0References1

RedhatCVE•added 2025/12/19 7:32 a.m.•2 views

CVE-2025-64205

8.1CVSS7.1AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2025/12/19 7:32 a.m.•3 views

CVE-2025-64207

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...

7.1CVSS6.4AI score0.0018EPSS

Exploits0References1

EUVD•added 2025/12/18 9:30 a.m.•4 views

EUVD-2025-204084

Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...

9.8CVSS6.5AI score0.00386EPSS

Exploits0References2

EUVD•added 2025/12/18 9:30 a.m.•3 views

EUVD-2025-204083

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...

7.1CVSS5.9AI score0.0018EPSS

Exploits0References2

NVD•added 2025/12/18 8:16 a.m.•5 views

CVE-2025-64206

Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through = 7.6.0...

9.8CVSS0.00386EPSS

Exploits0References1

NVD•added 2025/12/18 8:16 a.m.•3 views

CVE-2025-64207

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...

7.1CVSS0.0018EPSS

Exploits0References1

NVD•added 2025/12/18 8:16 a.m.•4 views

CVE-2025-64205

8.1CVSS0.00344EPSS

Exploits0References1

Vulnrichment•added 2025/12/18 7:22 a.m.•2 views

CVE-2025-64207 WordPress Jannah theme <= 7.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Jannah jannah allows DOM-Based XSS.This issue affects Jannah: from n/a through = 7.6.0...

7.1CVSS6AI score0.0018EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•9 views

CVE-2025-64207

CVE-2025-64207 concerns TieLabs Jannah WordPress theme (versions

7.1CVSS6AI score0.0018EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by